Serving big static and private files
Hi, you might know that the Perl Maven site http://perlmaven.com/ runs on Dancer. Up till yesterday it was running on Starman as the web server, but yesterday I added Nginx to the mix. So now it is Nginx - Starman(Dancer). One of the reasons I made the change is that there are a few large static files (some videos/screencasts and mp3 files) that I think would be better served by Nginx directly. I can configure that in Nginx (have not done it yet), but some of these files should be only available to paying users. As long as everything went through Dancer this was easy. in the route serving the file I checked if the request comes from an authenticated user and if she has the right subscription and only served the file if everything was fine. I am not sure how to do this when the files are served directly by nginx. Is there a solution? Any recommendations? regards Gabor
On 10/03/2014 3:56 pm, Gabor Szabo wrote:
I am not sure how to do this when the files are served directly by nginx.
Is there a solution? Any recommendations? Hey Garbor,
Have a look at nginx's support for the X-Accel-Redirect header. Your Dancer app returns a response with this header set which nginx then (internally) redirects to the local file rather than than stuffing the file content into Dancer's response. A quick Google search shows up a Catalyst advent calendar entry that should give an overview of how this works; http://www.catalystframework.org/calendar/2009/16 Hope that helps, Russell.
This is awesome stuff and now we will have at least 1/24 of 2014 Perl Dancer Advent Calendar by Gabor ;-) On Mon, Mar 10, 2014 at 5:57 AM, Russell Jenkins < russell.jenkins@strategicdata.com.au> wrote:
On 10/03/2014 3:56 pm, Gabor Szabo wrote:
I am not sure how to do this when the files are served directly by nginx.
Is there a solution? Any recommendations?
Hey Garbor,
Have a look at nginx's support for the X-Accel-Redirect header.
Your Dancer app returns a response with this header set which nginx then (internally) redirects to the local file rather than than stuffing the file content into Dancer's response.
A quick Google search shows up a Catalyst advent calendar entry that should give an overview of how this works; http://www.catalystframework. org/calendar/2009/16
Hope that helps, Russell.
_______________________________________________ dancer-users mailing list dancer-users@dancer.pm http://lists.preshweb.co.uk/mailman/listinfo/dancer-users
Hi Russell, that was a great pointer. I think I managed to set it up and now all the videos hosted on the Perl Maven site are being served directly by Nginx. I'll write a blog post showing an example using Dancer later on, but it would be great if you could try to break the system :) This video is free and should be downloadable by anyone: http://perlmaven.com/media/videos/getting-started-with-perl-dancer-1280x720.... This video, however: http://perlmaven.com/media/pro/videos/beginner-perl/introduction/comments.og... should be only served to people who are Perl Maven Pro subscribers and who are logged in. Can you somehow trick the server into downloading that file? Maybe by supplying X-Accel-Redirect: ? regards Gabor
On 12/03/2014 1:24 am, Gabor Szabo wrote:
I'll write a blog post showing an example using Dancer later on, but it would be great if you could try to break the system :) I tried requests with extra headers and couldn't get to the 'pro' video.
As long as you have nginx config flagging the local path to the 'pro' videos as "internal;", no external requests can directly access that. Cheers, Russell.
Yes, I set it to 'internal' and I cal forward in the route, though I don't fully understand yet how does Dancer running in Starman, a process separate from nginx managed to do an internal reload. I guess I'll have to read about this. Gabor On Thu, Mar 13, 2014 at 2:54 PM, Russell Jenkins <russell.jenkins@strategicdata.com.au> wrote:
On 12/03/2014 1:24 am, Gabor Szabo wrote:
I'll write a blog post showing an example using Dancer later on, but it would be great if you could try to break the system :)
I tried requests with extra headers and couldn't get to the 'pro' video.
As long as you have nginx config flagging the local path to the 'pro' videos as "internal;", no external requests can directly access that.
Cheers,
Russell.
participants (3)
-
Gabor Szabo -
Paulo A Ferreira -
Russell Jenkins