$30 off During Our Annual Pro Sale. View Details »

Protecting static files in your web app

Avatar for Max Ludwig Max Ludwig
January 02, 2016
Programming
0
500

Protecting static files in your web app

... in production

https://github.com/dAnjou/xsendfile-example

Avatar for Max Ludwig

Max Ludwig

January 02, 2016
Tweet

Other Decks in Programming

See All in Programming
LLM Çağında Backend Olmak: 10 Milyon Prompt'u Milisaniyede Sorgulamak
Avatar for Selçuk Usta selcukusta
0
110
AIコーディングエージェント(Manus)
Avatar for kondai kondai24
0
160
LLMで複雑な検索条件アセットから脱却する!! 生成的検索インタフェースの設計論
Avatar for po3rin po3rin
2
640
【CA.ai #3】ワークフローから見直すAIエージェント — 必要な場面と“選ばない”判断
Avatar for SatoAoaka satoaoaka
0
230
connect-python: convenient protobuf RPC for Python
Avatar for Anuraag Agrawal anuraaga
0
380
[SF Ruby Conf 2025] Rails X
Avatar for Vladimir Dementyev palkan
0
490
著者と進める!『AIと個人開発したくなったらまずCursorで要件定義だ!』
Avatar for yasuna yasunacoffee
0
120
AIコーディングエージェント(NotebookLM)
Avatar for kondai kondai24
0
170
AIエンジニアリングのご紹介 / Introduction to AI Engineering
Avatar for r-kagaya rkaga
5
1.9k
リリース時」テストから「デイリー実行」へ!開発マネージャが取り組んだ、レガシー自動テストのモダン化戦略
Avatar for goataka (GOAMI Takaaki) goataka
0
120
ID管理機能開発の裏側 高速にSaaS連携を実現したチームのAI活用編
Avatar for Atsushi Kawamura (atzz/a2c) atzzcokek
0
210
안드로이드 9년차 개발자, 프론트엔드 주니어로 커리어 리셋하기
Avatar for Seungmin 마량 maryang
1
110

Featured

See All Featured
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
39k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
54
7.9k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
234
18k
Done Done
Avatar for chrislema chrislema
186
16k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
24
3.8k
KATA
Avatar for Megan Lloyd mclloyd
PRO
32
15k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
132
19k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
36
6.2k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.7k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.9k

Transcript

  1. … in production Protecting static files in your web app

  2. X-Sendfile HTTP header

  3. GET /video.ogv video.ogv web server web app check permissions +

    set header check header + serve file

  4. from django.http import HttpResponse from django.utils.encoding import smart_str def sendfile(request,

    filename, **kwargs): # check requesting user’s permissions response = HttpResponse() response['X-Sendfile'] = smart_str(unicode(filename)) return response django-sendfile/sendfile/backends/xsendfile.py

  5. <VirtualHost *:80> XSendFile On # ... </VirtualHost> /etc/apache2/sites-available/example.de

  6. Apache2: X-Sendfile nginx: X-Accel-Redirect Lighttpd: X-LIGHTTPD-send-file

  7. github.com/dAnjou/xsendfile-example [email protected]