nginx-0.7.18
Igor Sysoev
is at rambler-co.ru
Mon Oct 13 21:10:03 MSD 2008
On Mon, Oct 13, 2008 at 05:56:47PM +0200, Steffen Weber wrote:
> Igor Sysoev wrote:
> >The ngx_http_secure_link_module allows to create a secure link as
> >/prefix/hash/link, where
> >
> >1) prefix is any symbols expect "/";
> >2) hash is md5(link, secret),
> > the secret is set by secure_link_secret directive;
> >3) and link is some link to secure.
>
> lighttpd has a similar feature with an additional possibility to specify
> a timeout: http://redmine.lighttpd.net/wiki/lighttpd/Docs:ModSecDownload
>
> The timeout would be a nice addition to nginx, because otherwise once
> someone has received the "secure link" he can pass it around to other
> people and it will never expire.
The current use of the module is not to create unique expiring links,
but to validate redirecting or proxying URLs such as
http://www.example.com/click/XXXXX/frod.site.com/foobar/
The unique links should be created using X-Accel-Redirect, however,
I will probably add timestamps.
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list