Using Content-MD5 header
Manlio Perillo
manlio_perillo at libero.it
Thu Jul 24 12:39:55 MSD 2008
Istvan Szukacs ha scritto:
> Igor Sysoev wrote:
>> On Mon, Jul 21, 2008 at 01:37:56PM +0200, Matthijs Langenberg wrote:
>>
>> No, nginx does not support Content-MD5 header.
>> Calculating MD5 means that nginx must read whole file before sending it
>> to client.
>>
>> What purpose of this header ?
>>
> security...
>
> you can ensure that the file is not changed, modified, damaged
>
> might be implemented that the md5 sums generated not on the fly but
> after a restart for example you can enable it on a directory.
>
> regards,
> Istvan
>
This can be easily and efficiently implemented by writing a module for
Nginx.
As an example:
1) The module is registered for the access phase
2) For each request the module opens a DBM file
(whose path is in configuration).
In the dbm file are stored path names and MD5 hashes.
The module check if the path name is in the database and retrieve
the MD5 hash, adding the MD5 header.
If the path is not in the database, an error is returned.
3) Control then pass to the static module, and file is served to the
client.
The DBM file is updated using an external tool (as an example a Python
or Perl script): it is important that the dbm file is updated
atomically, and this can be done by creating a temporary file and then
renaming it (since renaming is an atomical operation).
Manlio Perillo
More information about the nginx
mailing list