I am serving restricted downloads in rails using X-Accel-Redirect
with nginx. To validate my downloads in client app, i am trying to send the checksum in the non standard HTTP header Content-MD5
to the X-Accel-Redirect
request. But this is not working.
below the rails snippet used to do the redirection
headers['X-Accel-Redirect'] = '/download_public/uploads/stories/' + params[:story_id] +'/' + params[:story_id] + '.zip'
headers['X-Accel-Expires'] = 'max'
checksum = Digest::MD5.file(Rails.root.dirname.to_s+'/public/uploads/stories/' + params[:story_id] +'/' + params[:story_id] + '.zip').hexdigest
headers['Content-MD5'] = checksum
request.session_options[:skip] = true
render :nothing => true, :content_type => MIME::Types.type_for('.zip').first.content_type
This is the nginx section
location /download_public {
internal;
proxy_pass_header Content-MD5;
add_header Cache-Control "public, max-age=315360000";
add_header Content-Disposition "inline";
alias /var/www/sss/public;
}
This is not working apparently. I am not able to get the Content-MD5 header in my responses. Is there any way to pass my Content-MD5 header from rails?
I know there are ways to do that entirely in nginx, like compiling nginx with perl or lua and easily calculate the MD5 on the fly. But i dont want to do that.
Any help is much appreciated.
Use add_header Content-MD5 $upstream_http_content_md5;
Since X-Accel-Redirect
causes internal redirect nginx will not send returned headers, but it will keep them in $upstream_http_...
variables. So you could use them.