[Mongrel] sendfile and mongrel

Matte Edens matte at ruckuswireless.com
Tue Dec 11 21:52:51 EST 2007


I use X_SendFile with Apache 2.2 just fine.  FYI.

And wouldn't it be possible to intercept all download requests and force 
use of a cookie/session authorization requirement?  I do it on one of my 
websites.  The X_SendFile feature doesn't actually send the server 
location of the file and if you used a url such as ...

http://website/download/[filename]

/download/ is an action in one of my controllers and it requires a valid 
login session.  I do a query on the filename and if you're not 
authorized for the file you don't get to download.  All downloads are 
stored outside the website directory so no direct linking is available.  
Then I use the x_send_file feature to have apache serve up the file 
without going through mongrel.

There's also a nice x_send_file plugin that replaces "send_file" with an 
"x_send_file" call, so code updates should be at a minimum.

matte

Andy Koch wrote:
> forgive me if this has been resolved already...
>
> I have an app that is using sendfile to return large files to customers. 
>   We can't use regular Apache to handle this static content since the 
> files are what the customers are paying for - so it wouldn't be cool for 
> anyone else to get access to them.
>
> The issue is that the mongrel mem footprint gets bloated when the files 
> are transferred and this mem does not get returned to the system.
>
> I've looked into x-sendfile, but it doesn't appear to be compatible with 
> Apache 2.2.
>
> Now the question, does the current mongrel 1.1.1 have this same issue 
> with sendfile and memory bloating? (I'm currently running 1.0.1)
>
> Are there any other recommendations for handling this situation?
>
> thanks
>
> _______________________________________________
> Mongrel-users mailing list
> Mongrel-users at rubyforge.org
> http://rubyforge.org/mailman/listinfo/mongrel-users
>   



More information about the Mongrel-users mailing list