[Bug 37603] New: Protect static files served by Apache
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37603 Bug ID: 37603 Summary: Protect static files served by Apache Change sponsored?: --- Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Architecture, internals, and plumbing Assignee: koha-bugs@lists.koha-community.org Reporter: dcook@prosentient.com.au QA Contact: testopia@bugs.koha-community.org There are times where it would be great to generate a large file in the background and then alert the user when it's ready to download. The problem at the moment is that proxying with Plack::App::CGIBin can lead to timeouts, and serving directly with Apache means no authentication/authorization checks. This morning I realised though that we could actually use mod_perl to write a Perl-based auth handler for Apache. (It looks like Nginx has a ngx_http_perl_module equivalent as well.) It would mean bolting on another dependency, but it's an interesting idea... Of course, an alternative would be to just go with something like bug 31380. That would be serving a static file via Starman, so it wouldn't be as efficient as Apache, but it wouldn't timeout like Plack::App::CGIBin... -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37603 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=31380 -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37603 --- Comment #1 from David Cook <dcook@prosentient.com.au> --- I suppose we could actually use "mod_authnz_fcgi" and https://metacpan.org/pod/Plack::Handler::FCGI to run a backend Koha authenticator. Although it looks like mod_authnz_fcgi only supports TCP sockets and not Unix sockets, unfortunately. That's a buzzkill. I guess there could be 1 FCGI Koha authenticator which serves all Koha instances on a server. That would probably be more efficient anyway. Interesting idea... -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org