feature request

Igor Sysoev is at rambler-co.ru
Fri May 11 08:51:02 MSD 2007

On Tue, May 08, 2007 at 10:47:22PM -0700, Bedros Hanounik wrote:

> a while ago I sent an email inquiring about nginx feature equivalent
> to mod_secdownload of Lighttpd found here
> (http://trac.lighttpd.net/trac/wiki/Docs%3AModSecDownload)
> recently I checked the feature request page of nginx wiki and found a
> suggestion to use NginxXSendfile feature; however I'm not sure if
> XSendfile supports the following
> the uri expires;  timing out,
> static file is on a URI on a different machine/location
> these two parameters of the mod_secdownload are very valuables, they
> allow me to give someone a limited access to a static file, then
> later, if his/her membership expires, they no longer can use the same
> old uri to access the static file.
> I could be wrong, but is what I just described is lacking from
> XSendfile feature??

When nginx uses X-Accel-Redirect it does not know anything about
expires, user validity, etc. It's all up to authentification backend.
The request always should go to backend, and the backend decides whether
uri is expired or not, and sends When nginx uses or 403.

Igor Sysoev

More information about the nginx mailing list