Using Content-MD5 header

Manlio Perillo manlio_perillo at
Thu Jul 24 12:39:55 MSD 2008

Istvan Szukacs ha scritto:
> Igor Sysoev wrote:
>> On Mon, Jul 21, 2008 at 01:37:56PM +0200, Matthijs Langenberg wrote:
>> No, nginx does not support Content-MD5 header.
>> Calculating MD5 means that nginx must read whole file before sending it
>> to client.
>> What purpose of this header ?
 > security...
 > you can ensure that the file is not changed, modified, damaged
 > might be implemented that the md5 sums generated not on the fly but
 > after a restart for example you can enable it on a directory.
 > regards,
 > Istvan

This can be easily and efficiently implemented by writing a module for 

As an example:
1) The module is registered for the access phase
2) For each request the module opens a DBM file
    (whose path is in configuration).
    In the dbm file are stored path names and MD5 hashes.
    The module check if the path name is in the database and retrieve
    the MD5 hash, adding the MD5 header.
    If the path is not in the database, an error is returned.
3) Control then pass to the static module, and file is served to the

The DBM file is updated using an external tool (as an example a Python 
or Perl script): it is important that the dbm file is updated 
atomically, and this can be done by creating a temporary file and then 
renaming it (since renaming is an atomical operation).

Manlio Perillo

More information about the nginx mailing list