Protect link with cookies?

Artifex Maximus artifexor at gmail.com
Wed Jun 10 14:16:09 MSD 2009


Hello!

On Tue, Jun 9, 2009 at 2:48 PM, Artifex Maximus<artifexor at gmail.com> wrote:
> 2009/6/9 Igor Sysoev <is at rambler-co.ru>:
>> On Tue, Jun 09, 2009 at 01:30:50PM +0200, Artifex Maximus wrote:
>>
>>> I am pretty newbie to nginx and having problem on protecting my links.
>>> I am using valid_referers but is it possible using cookies for make it
>>> stronger?
>>>
>>> For example I set cookie uid with nginx's userid in 'location / {}'
>>> and check somehow under 'location /download/ {}' for cookie uid. Is it
>>> possible or just a dream? Userid was just an idea and not necessary.
>>> And any other ideas are welcome as well because cheating referer is
>>> easy task.
>>
>>    location /download/ {
>>        if ($cooke_NAME = '') {
>>            return 403;
>>        }
>>    }
>
> Looks nice. Thank you Igor!

And working perfectly though. Is there any simple solution (without
PHP or any external utility) to tracking this cookies? I mean storing
cookies in database and checking that cookie have sent is valid or
not. Or is it too complex and not nginx task?

Bye,
Zsolt





More information about the nginx mailing list