I use X_SendFile with Apache 2.2 just fine. FYI. And wouldn't it be possible to intercept all download requests and force use of a cookie/session authorization requirement? I do it on one of my websites. The X_SendFile feature doesn't actually send the server location of the file and if you used a url such as ...
http://website/download/[filename] /download/ is an action in one of my controllers and it requires a valid login session. I do a query on the filename and if you're not authorized for the file you don't get to download. All downloads are stored outside the website directory so no direct linking is available. Then I use the x_send_file feature to have apache serve up the file without going through mongrel. There's also a nice x_send_file plugin that replaces "send_file" with an "x_send_file" call, so code updates should be at a minimum. matte Andy Koch wrote: > forgive me if this has been resolved already... > > I have an app that is using sendfile to return large files to customers. > We can't use regular Apache to handle this static content since the > files are what the customers are paying for - so it wouldn't be cool for > anyone else to get access to them. > > The issue is that the mongrel mem footprint gets bloated when the files > are transferred and this mem does not get returned to the system. > > I've looked into x-sendfile, but it doesn't appear to be compatible with > Apache 2.2. > > Now the question, does the current mongrel 1.1.1 have this same issue > with sendfile and memory bloating? (I'm currently running 1.0.1) > > Are there any other recommendations for handling this situation? > > thanks > > _______________________________________________ > Mongrel-users mailing list > Mongrel-users@rubyforge.org > http://rubyforge.org/mailman/listinfo/mongrel-users > _______________________________________________ Mongrel-users mailing list Mongrel-users@rubyforge.org http://rubyforge.org/mailman/listinfo/mongrel-users
