We are using NginxHttpSecureLinkModule
(http://wiki.nginx.org/NginxHttpSecureLinkModule) to write secure links
for our media hosting, and we added on the TTL module so the links can
expire after X minutes
(http://www.masterzen.fr/2009/07/18/nginx-secure-link-module-with-ttl/).
This has also been tested without this module, and with the latest
stable version (0.7.64) and the latest development version (0.8.32) and
the outcome has been the same.

When using a Secure Link, adding any request variables (?start=20) cause
it to fail and pass to our default 403 page. Without the Secure Links,
request variables work fine and are handled properly by the Location
tags in the config.

I thought that it might have been treating the request string as part of
the filename you're hashing, so I included it within the has, but the
link also gave a 403 so I don't believe it is. We're trying to use it
to play video files through a flash player, which adds extra strings to
the url by default.

You should be able to reproduce it by appending a query string of any
type to any link using this module (secure_link_secret config option).
--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx