Rewrite module and secure download

gog nginx-forum at nginx.us
Thu Jan 14 16:28:43 MSK 2010


I stumbled upon the exact same problem today while moving our site from Lighttpd to nginx.

This is how we solved it:

Link to our protected files look like this:

/pdf/number.pdf/MD5_hash/hex_of_timestamp 

and this is our location directive:


        # PDF download
        location /pdf {
            secure_download on;
            secure_download_secret $request_addr;
            secure_download_path_mode file;
            
            if ($uri ~ "^/pdf/(.+\.pdf)$") {
                set $filename $1;
            }
            add_header Content-Disposition "attachment; filename=$filename";
	}


As you can see from the example we are extracting the filename from the request uri and setting the appropriate header.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,30777,41125#msg-41125




More information about the nginx mailing list