Modifying HttpAccessKeyModule

Mike Gagnon mikegagnon at
Sat May 19 00:46:28 UTC 2012

Thanks for the link. That sounds like a great tip.

By following the example of HttpSecureLinkModule, it seems I should have
one part of the module parse the URI and determine if the link is valid (by
checking the hash). Then I can set an nginx variable valid_link to "1" or
"0" (depending whether or not the link has a valid key in the URI).

In another part of my module, I'll hook into the phase that decides where
to route requests. If the link is valid, I will route it to the normal
content handler. If the link didn't exist (or is invalid) I will route the
request to the special SSI page that which contains JavaScrip that will
generate a key for the user.

Does this approach sound like a good way to go? One question I have, is
what phase should I hook into inorder to route requests to my special SSI
page? Would the NGX_HTTP_REWRITE_PHASE be the right place to
read valid_link and determine how to route the request? This way I could
read the value of valid_link and re-write the URI as needed.

Thanks again!
Mike Gagnon

On Fri, May 18, 2012 at 3:59 PM, Oleksandr V. Typlyns'kyi <
wangsamp at> wrote:

> Yesterday May 18, 2012 at 08:36 Mike Gagnon wrote:
> > Hello,
> >
> > I would like to add a new feature to the HttpAccessKeyModule (
> >
> >
> > As currently implemented when the visitor omits the key then the module
> > yields a 403 page. I would like to change this behavior, such that when a
> > visitor omits a key, then the module yields a page that contains
> javascript
> > to automatically generate a key. This page however, must be dynamically
> > generated for the specific URI requested (SSI seems appropriate).
>   Did you look at secure link module?
> --
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx-devel mailing list