http_secure_link module questions

Vincent vincent.hervieux at gmail.com
Fri Oct 29 15:38:22 MSD 2010


Hello all,

I am new to this list so maybe this topic was already discussed, but I
didn't find any answer in the English mailing lists.

We are using the optional http secure link module. The problem is that the
link is not so secure : you can give it to any of your friend and he will be
to see the link as well.

Looking at the source code of this module in latest version : 0.8.53, seems
like there was a secure_link_expires keyword that can give a life time to a
link. Looks like a good idea. Any reason why this has been removed in
0.8.51?

Otherwise I wanted to patch this module to add some other parameters like
the user agent, IP address, not only the secret word which is common to
every users, to make the link more unique. Does it makes sense, or can it
adds to much computations on the web server, leading to too high CPU usage?

Thanks in advance for your answers.

-Vincent
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx-devel/attachments/20101029/5ab07f57/attachment.html>


More information about the nginx-devel mailing list