Lock in $30 Savings on PRO—Offer Ends Soon! ⏳

Protecting static files in your web app

Avatar for Max Ludwig Max Ludwig
January 02, 2016
Programming
0
500

Protecting static files in your web app

... in production

https://github.com/dAnjou/xsendfile-example

Avatar for Max Ludwig

Max Ludwig

January 02, 2016
Tweet

Other Decks in Programming

See All in Programming
SwiftUIで本格音ゲー実装してみた
Avatar for 蛋白(たんぱく・TANPACT) hypebeans
0
480
Rubyで鍛える仕組み化プロヂュース力
Avatar for muryoimpl muryoimpl
0
150
AIの誤りが許されない業務システムにおいて“信頼されるAI” を目指す / building-trusted-ai-systems
Avatar for Yuya Matsumura yuya4
6
3.9k
AIコーディングエージェント(Gemini)
Avatar for kondai kondai24
0
260
令和最新版Android Studioで化石デバイス向けアプリを作る
Avatar for Sora Arakawa arkw
0
430
AIエージェントを活かすPM術 AI駆動開発の現場から
Avatar for gyuta gyuta
0
460
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
Avatar for 株式会社ELYZA elyza
2
530
著者と進める!『AIと個人開発したくなったらまずCursorで要件定義だ!』
Avatar for yasuna yasunacoffee
0
150
Deno Tunnel を使ってみた話
Avatar for すずとも kamekyame
0
220
Giselleで作るAI QAアシスタント 〜 Pull Requestレビューに継続的QAを
Avatar for Tadashi Shigeoka codenote
0
270
JETLS.jl ─ A New Language Server for Julia
Avatar for abap34 abap34
2
440
フルサイクルエンジニアリングをAI Agentで全自動化したい 〜構想と現在地〜
Avatar for Kaito Minatoya kamina_zzz
0
240

Featured

See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.4k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
Avatar for Liv Day livdayseo
0
29
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
16k
How to build a perfect <img>
Avatar for Jono Alderson jonoalderson
0
4.6k
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
413
23k
From Legacy to Launchpad: Building Startup-Ready Communities
Avatar for Dug Song dugsong
0
110
First, design no harm
Avatar for Per Axbom axbom
PRO
1
1.1k
How To Speak Unicorn (iThemes Webinar)
Avatar for Michelle Schulp Hunt marktimemedia
1
340
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
120
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
33
1.4k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
5
810
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.2k

Transcript

  1. … in production Protecting static files in your web app

  2. X-Sendfile HTTP header

  3. GET /video.ogv video.ogv web server web app check permissions +

    set header check header + serve file

  4. from django.http import HttpResponse from django.utils.encoding import smart_str def sendfile(request,

    filename, **kwargs): # check requesting user’s permissions response = HttpResponse() response['X-Sendfile'] = smart_str(unicode(filename)) return response django-sendfile/sendfile/backends/xsendfile.py

  5. <VirtualHost *:80> XSendFile On # ... </VirtualHost> /etc/apache2/sites-available/example.de

  6. Apache2: X-Sendfile nginx: X-Accel-Redirect Lighttpd: X-LIGHTTPD-send-file

  7. github.com/dAnjou/xsendfile-example [email protected]