Content Type Restrictions:
You can restrict uploads to specific image MIME types using request.resource.contentType.
Code

service firebase.storage {
  match /b/{bucket}/o {
    match /images/{imageId} {
      allow write: if request.resource.contentType.matches('image/png|image/jpeg|image/svg\\+xml');
    }
  }
}
This rule allows writes to the /images/{imageId} path only if the uploaded file's content type is image/png, image/jpeg, or image/svg+xml.
2. File Extension Restrictions:
You can also enforce restrictions based on file extensions using request.resource.name.
Code

service firebase.storage {
  match /b/{bucket}/o {
    match /images/{imageId} {
      allow write: if request.resource.name.matches('.*\\.(png|jpg|jpeg|svg)$');
    }
  }
}
This rule ensures that only files with .png, .jpg, .jpeg, or .svg extensions can be written to the specified path.
3. File Size Limits:
You can set a maximum file size using request.resource.size.
Code

service firebase.storage {
  match /b/{bucket}/o {
    match /images/{imageId} {
      allow write: if request.resource.size < 5 * 1024 * 1024; // Max 5MB
    }
  }
}
This rule limits the size of uploaded images to 5MB.
4. User-Based Permissions:
Combine these restrictions with user authentication to allow only authenticated users or specific users to upload images.
Code

service firebase.storage {
  match /b/{bucket}/o {
    match /users/{userId}/images/{imageId} {
      allow write: if request.auth != null && request.auth.uid == userId &&
                     request.resource.contentType.matches('image/.*') &&
                     request.resource.size < 1 * 1024 * 1024; // Max 1MB
    }
  }
}
This rule allows only authenticated users to upload images to their specific user folder, provided the image is of a valid type and within the size limit.
By combining these conditions, you can create robust security rules tailored to the specific requirements of your image uploads in Firebase Storage.