Lock in $30 Savings on PRO—Offer Ends Soon! ⏳

Protecting static files in your web app

Avatar for Max Ludwig Max Ludwig
January 02, 2016
Programming
0
500

Protecting static files in your web app

... in production

https://github.com/dAnjou/xsendfile-example

Avatar for Max Ludwig

Max Ludwig

January 02, 2016
Tweet

Other Decks in Programming

See All in Programming
実はマルチモーダルだった。ブラウザの組み込みAI🧠でWebの未来を感じてみよう #jsfes #gemini
Avatar for n0bisuke n0bisuke2
3
1.3k
「コードは上から下へ読むのが一番」と思った時に、思い出してほしい話
Avatar for HideyukiKitao panda728
PRO
39
26k
Pythonではじめるオープンデータ分析〜書籍の紹介と書籍で紹介しきれなかった事例の紹介〜
Avatar for Ryo YOSHI welliving
1
290
脳の「省エネモード」をデバッグする ~System 1(直感)と System 2(論理)の切り替え~
Avatar for HideyukiKitao panda728
PRO
0
110
Microservices rules: What good looks like
Avatar for Chris Richardson cer
PRO
0
1.5k
AIコーディングエージェント(Gemini)
Avatar for kondai kondai24
0
240
Graviton と Nitro と私
Avatar for maroon1st maroon1st
0
110
ELYZA_Findy AI Engineering Summit登壇資料_AIコーディング時代に「ちゃんと」やること_toB LLMプロダクト開発舞台裏_20251216
Avatar for 株式会社ELYZA elyza
2
370
エディターってAIで操作できるんだぜ
Avatar for kis9a kis9a
0
740
S3 VectorsとStrands Agentsを利用したAgentic RAGシステムの構築
Avatar for とすり tosuri13
6
360
C-Shared Buildで突破するAI Agent バックテストの壁
Avatar for po3rin po3rin
0
400
公共交通オープンデータ × モバイルUX 複雑な運行情報を 『直感』に変換する技術
Avatar for Tsubasa SEKIGUCHI tinykitten
PRO
0
140

Featured

See All Featured
Utilizing Notion as your number one productivity tool
Avatar for Mfonobong Umondia mfonobong
2
180
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
WCS-LA-2024
Avatar for Leonardo Collado-Torres lcolladotor
0
380
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
340
57k
Primal Persuasion: How to Engage the Brain for Learning That Lasts
Avatar for Mike Taylor tmiket
0
180
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
Avatar for Michelle Schulp Hunt marktimemedia
31
2.6k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
Avatar for Liv Day livdayseo
0
27
Information Architects: The Missing Link in Design Systems
Avatar for Michelle Chin soysaucechin
0
700
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
234
18k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
274
41k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
63
35k

Transcript

  1. … in production Protecting static files in your web app

  2. X-Sendfile HTTP header

  3. GET /video.ogv video.ogv web server web app check permissions +

    set header check header + serve file

  4. from django.http import HttpResponse from django.utils.encoding import smart_str def sendfile(request,

    filename, **kwargs): # check requesting user’s permissions response = HttpResponse() response['X-Sendfile'] = smart_str(unicode(filename)) return response django-sendfile/sendfile/backends/xsendfile.py

  5. <VirtualHost *:80> XSendFile On # ... </VirtualHost> /etc/apache2/sites-available/example.de

  6. Apache2: X-Sendfile nginx: X-Accel-Redirect Lighttpd: X-LIGHTTPD-send-file

  7. github.com/dAnjou/xsendfile-example [email protected]