[pLog-svn] resserver usage

Jon Daley plogworld at jon.limedaley.com
Wed Oct 4 11:00:36 GMT 2006 

On Wed, 4 Oct 2006, Reto Hugi wrote:
>>  	Yes, this method allows the filename to be seen.  (and I just put
>> up a .zip file on the same page to test your theory)  The third method on
>> that page does work correctly.
>
> ok, that's what I expected (thank for the provided tests, I can't do ssh
> connections from work...)
>
> To sum it up:
> - in case we want access control, there's no way around the method we use
> now.
 	No, I disagree.  I believe I can do access control with the 
rewrites.  I will work on that later today.

> of course protecting direct file access and more advanced features in
> lifetype are to be implemented yet, but it's an option we have.

> - in case we want a performant download, we need at least server
> redirection if not direct file access.
 	Yes.

> - having rewrites for each file is not an option
 	I am interested in the external program method, perhaps we do 
different methods, and people can choose which one they want.  The default 
is the way it is now, x-sendfile and RewriteMap are alternatives for 
people who want higher performance.  exec(renice +10) is an option for 
people who just want to keep the resources from sucking up too much 
processor time, but is also optional.  I think all of these solutions 
(other than our current method) will cause problems for different groups 
of people.

> - maybe we should again think about leaving the "real" filenames on the
> filesystem. AFAIK the "virtual" filename saved in lifetype's database has
> to be unique for a blog as well, and all files are physically saved under
> their blog id folder anyway. i don't think it's a problem to use the real
> filename. not even regarding security/access control because if access
> control is going to be implemented, direct access to the directory
> /gallery/ has to be blocked anyway (or "gallery" should not even be under
> the web root)
>
> - leaving the original filenames would ease the redirecting stuff (i.e.
> only a handful rewrites would do) and give us nice filenames.
>
> - IMO the only reason for redirecting would be to get events within
> lifetype (for stats or whatever a plugin may do) else, direct access would
> be better.



-- 
Jon Daley
http://jon.limedaley.com/

A cement mixer collided with a prison van on the Kingston Pass.
Motorists are asked to be on the lookout for 16 hardened criminals.
-- Ronnie Corbett

More information about the pLog-svn mailing list