Secure Link Expires - URL Signing
anish10dec
nginx-forum at forum.nginx.org
Wed Jan 10 08:15:05 UTC 2018
URL Signing by Secure Link MD5 , restricts the client from accessing the
secured object for limited time using below module
Exp time is sent as query parameter from client device
secure_link $arg_hash,$arg_exp;
secure_link_md5 "secret$arg_exp";
if ($secure_link = "") {return 405;}
if ($secure_link = "0") {return 410;}
Here problem is that if expiry time i.e exp send from client is less than
server time nginx module returns 410 .
But if some client changes the time of device to some future date and
request for object in that case also object will be delivered as client time
will be greater than server time.
Is there a way to restrict the request, by secure link module, to future
time so that for example object should be accessible only for 1 hour time
duration from current time.
Please suggest
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278063,278063#msg-278063
More information about the nginx
mailing list