Welcome! Log In Create A New Profile

Advanced

Rewrite module and secure download

December 15, 2009 11:42PM
Hi guys, having a bit of a pickle at the moment. I've set up the secure download module and its working as it should. The problem is when you try to use it, it appends the file name as the hex timestamp (without an extension) which is at the end of the URI which isn't the ideal way of downloading things. So I tried using the rewrite module to move the file name to the end of the link.

E.g
/save/dir/6450.png/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa
(works but downloads as 4b28264c instead of 6450.png)

The way the module works: < real path >/< file >/< md5 >/< timestamp >
The way I want it is: < real path >/< md5 >/< timestamp >/< file >

So in comes the rewrite rule. My new links look like:
/file/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa/dir/6450.png

I have moved the < md5 >/< timestamp > in front of the < file > in hopes it would now save the file name properly with its extension. My config is below:
[code]
location / {
rewrite /file/(.*)/(.*)/(.*)/(.*)$ /save/$3/$4/$1/$2 break;
}

location /save {
root /var/www/html/files/12-2009;
secure_download on;
secure_download_secret mypass;
secure_download_path_mode file;
secure_download_fail_location /error;

add_header Content-Disposition attachment;

}
[/code]
As you can see the rewrite rule converts the link back to what it should be. That is it moves the < md5 >/< timestamp > to the end of the URI again and changes /file/ back to /save/. Except it now throws a 404 error. Looking in the debug error log it throws out this:
[code]
[notice] 31949#0: *1 "/file/(.*)/(.*)/(.*)/(.*)$" matches "/file/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa/dir/6450.png"
[notice] 31949#0: *1 rewritten data: "/save/dir/6450.png/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa"
[error] 31949#0: *1 open() "/var/www/html/save/dir/6450.png/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa" failed (2: No such file or directory)
[/code]
Pretty much the rewrite rule is converting it exactly as it should be: (line 2 of log)
/save/dir/6450.png/097ac16cb19ff6c163d6f813fdd44b4d/4b283bfa
(< real path >/< file >/< md5 >/< timestamp >)

But where is the secure download module? It hasn't popped up and done its business with the link. Instead line 3 of the log shows it trying to open the link when it should do this:
[code]
[info] 8156#0: *3 securedownload: evaluated value of secret: "mypass"
[debug] 8156#0: *3 hashing string "/save/dir/6450.png/mypass/4b283bfa" with len 50
[debug] 8156#0: *3 computed hash: 097ac16cb19ff6c163d6f813fdd44b4d
[/code]
Its apparent the rewrite module and the secure download module wont work together. What can I do to fix this?

I am currently using lighttpd and the modsecdownload module which this nginx module is based off, the only real difference is that the lighttpd module does all the above already (< real path >/< md5 >/< timestamp >/< file >) so it saves the file properly.

Hopefully I didn't miss anything out, any help is much appreciated!
Subject Author Posted

Rewrite module and secure download

trinsic December 15, 2009 11:42PM

Re: Rewrite module and secure download

Maxim Dounin December 16, 2009 12:00AM

Re: Rewrite module and secure download

gog January 14, 2010 08:28AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 107
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready