Welcome! Log In Create A New Profile

Advanced

Re: difficulty adding headers

Maxim Dounin
July 04, 2014 12:36PM
Hello!

On Fri, Jul 04, 2014 at 09:48:04AM -0400, ura wrote:

> the config i am using is inherited from the designers of the elgg platform
> and i have explored it enough to know most of what it is doing.
> perhaps i need to replace the location block that targets .php files with
> one that explicitly lists all the possible locations of php files instead...
> which would leave the possibility open for the new 'stream' location block i
> am using here.
>
> i was using the internal keyword since i am wanting to do what i can to
> ensure that the video files are only available to site visitors once they
> have passed a security process (handled by php and sql). the site here is a
> social network and all media items have an associated privacy level - so the
> files cannot all be public, which is the origin of these issues. the files
> are held outside of the nginx site root directory for this reason.

Sure. The problem is that you try to "navigate to
www.mysite.tld/stream/blah.mp4", and it won't work if the location
in question is internal.

> > Streaming videos with php is silly, so recommended approach is
> > "Don't do that".
>
> how else can a video be served from a PHP social networking app, where the
> file needs to be 'behind' privacy/security checks?
> wouldn't there need to be some kind of PHP processing just to set up the
> externally accessible path for the video file (after the viewer's
> credentials have been checked)?
> to be clear, i am not saying that the final path for the video is a .php
> file.. the final path would be filename.mp4.. however, the php location
> block is triggered along the processing path anyway - as the config is.

There are more than one way to do security checks. Most obvious
ones is to use either X-Accel-Redirect, or auth_request, or
secure_link.

--
Maxim Dounin
http://nginx.org/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

difficulty adding headers

ura June 27, 2014 11:50AM

Re: difficulty adding headers

Maxim Dounin June 27, 2014 12:50PM

Re: difficulty adding headers

ura June 27, 2014 12:54PM

Re: difficulty adding headers

ura June 27, 2014 12:58PM

Re: difficulty adding headers

Maxim Dounin June 27, 2014 02:08PM

Re: difficulty adding headers

ura June 27, 2014 02:23PM

Re: difficulty adding headers

ura June 27, 2014 02:50PM

Re: difficulty adding headers

Maxim Dounin June 27, 2014 03:22PM

Re: difficulty adding headers

ura June 27, 2014 07:26PM

Re: difficulty adding headers

Maxim Dounin June 27, 2014 10:02PM

Re: difficulty adding headers

ura June 28, 2014 10:44AM

Re: difficulty adding headers

ura June 28, 2014 12:17PM

Re: difficulty adding headers

Maxim Dounin June 30, 2014 03:18PM

Re: difficulty adding headers

ura June 30, 2014 04:34PM

Re: difficulty adding headers

Maxim Dounin June 30, 2014 08:34PM

Re: difficulty adding headers

ura July 04, 2014 09:48AM

Re: difficulty adding headers

Maxim Dounin July 04, 2014 12:36PM

Re: difficulty adding headers

Sophie Moussion July 25, 2014 03:40AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 92
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready