|
I just released a mongrel secure download handler on rubyforge. It's a
way to have mongrel stream files to the user without linking them
directly to the file using a time-based token authorization scheme.
Here is a more detailed description: This handler addresses the problem of having a fast and secure download mechanism for web applications. The mechanism works by having the application generate a special URI containing a token that is only valid for a certain period of time. The server then recognizes this URI and generates a token using the parameters passed in and checks for a match before sending the file to the user. The key to the process is the secret string that both the server and the application are aware of. You can find the gem at the rubyforge page here http://rubyforge.org/projects/msecuredownload/ Documentation is included in the form of RDoc comments that explain exactly how to use it. It's very easy to use and good for quickly and securely sending files of any size from directories that are not publicly accessible. I have tested it locally with files over 1GB in size and had no problems. Processor usage and RAM usage are very low and mongrel continues to serve up pages as fast as it normally does. Mongrel you are my hero, Josh Ferguson [EMAIL PROTECTED] wrote: I wrote an x-sendfile thing for the railshandler to get mongrel to catch the response header and stream out files from an application I'm writing but I'm pretty sure that zed said he'd built in x-sendfile somewhere already. I couldn't find it, could someone lead me to it? |
_______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
