diff options
| author | Andreas Fischer <bantu@phpbb.com> | 2011-01-13 00:46:19 +0100 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2011-01-17 22:37:53 +0100 |
| commit | 6bbdc129c09b781007863fc49a9c7f9f3b1cf157 (patch) | |
| tree | 94dae6125f08a0a52a9e3ed6ecb01297d3a4e50c | |
| parent | 19931713db35307461bfe0784f32526d24caf912 (diff) | |
| download | forums-6bbdc129c09b781007863fc49a9c7f9f3b1cf157.tar forums-6bbdc129c09b781007863fc49a9c7f9f3b1cf157.tar.gz forums-6bbdc129c09b781007863fc49a9c7f9f3b1cf157.tar.bz2 forums-6bbdc129c09b781007863fc49a9c7f9f3b1cf157.tar.xz forums-6bbdc129c09b781007863fc49a9c7f9f3b1cf157.zip | |
[ticket/9790] Support for nginx's X-Accel-Redirect header for attachments.
PHPBB3-9790
| -rw-r--r-- | phpBB/docs/nginx.sample.conf | 8 | ||||
| -rw-r--r-- | phpBB/includes/functions_download.php | 10 |
2 files changed, 18 insertions, 0 deletions
diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf index a22a126ff4..f74e988922 100644 --- a/phpBB/docs/nginx.sample.conf +++ b/phpBB/docs/nginx.sample.conf @@ -3,6 +3,14 @@ # from your system's nginx.conf. # Tested with nginx 0.8.35. +# If you want to use the X-Accel-Redirect feature, +# add the following to your config.php. +# +# define('PHPBB_ENABLE_X_ACCEL_REDIRECT', true); +# +# See http://wiki.nginx.org/XSendfile for the details +# on X-Accel-Redirect. + http { # Compression - requires gzip and gzip static modules. gzip on; diff --git a/phpBB/includes/functions_download.php b/phpBB/includes/functions_download.php index 80b71f1301..4c8f539979 100644 --- a/phpBB/includes/functions_download.php +++ b/phpBB/includes/functions_download.php @@ -229,6 +229,16 @@ function send_file_to_browser($attachment, $upload_dir, $category) if (!set_modified_headers($attachment['filetime'], $user->browser)) { + // We make sure those have to be enabled manually by defining a constant + // because of the potential disclosure of full attachment path + // in case support for features is absent in the webserver software. + if (defined('PHPBB_ENABLE_X_ACCEL_REDIRECT') && PHPBB_ENABLE_X_ACCEL_REDIRECT) + { + // X-Accel-Redirect - http://wiki.nginx.org/XSendfile + header('X-Accel-Redirect: ' . $user->page['root_script_path'] . $upload_dir . '/' . $attachment['physical_filename']); + exit; + } + // Try to deliver in chunks @set_time_limit(0); |