headers
hash:
response.headers['X-Sendfile'] = file_path
response.headers['Content-Type'] = 'application/octet-stream'
response.headers['Content-Disposition'] = "attachment; file=\"#{file_name}\""
response.headers['Content-Length'] = File.size(file_path)
Web server configuration
Of course, the front end web server must be properly configured to recognize and
process the X-Sendfile header. Mongrel does not support X-Sendfile, as it assumes
you will proxy to it from a server more capable of serving static content.
If you are using Lighttpd, it has X-Sendfile support built in. For Lighttpd/FastCGI,
just enable the allow-x-send-file option in the server configuration:
fastcgi.server = (
".fcgi" => (
"localhost" => (
...
"allow-x-send-file" => "enable",
...
)
)
)
If you are using Apache 2, things are a little more complicated (although not by
much). You have to install the mod_xsendfile module* into Apache. There are two
configuration flags, both accepting on/off values, which can then be used to control
X-Sendfile behavior:
XSendFile
Determines whether the X-Sendfile header is processed at all.
XsendFileAllowAbove
Determines whether that header can send files above the path of the request. It
defaults to off for security reasons.
Both of these configuration options can be used in any configuration context, down
to the .htaccess file (per-directory). Best practice dictates that you should only specify
XSendFile on in the narrowest possible context.
Pages:
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167