6.0.0-beta1
7/7/25

[#6411] Replace vfs-direct with X-Sendfile support
Summary Replace vfs-direct with X-Sendfile support
Queue Ansel
Type Enhancement
State Resolved
Priority 1. Low
Owners mrubinsk (at) horde (dot) org
Requester mrubinsk (at) horde (dot) org
Created 03/09/2008 (6329 days ago)
Due
Updated 05/21/2008 (6256 days ago)
Assigned 03/15/2008 (6323 days ago)
Resolved 05/21/2008 (6256 days ago)
Milestone
Patch No

History
05/21/2008 08:53:46 PM Michael Rubinsky Comment #9
State ⇒ Resolved
Reply to this comment
Done
05/18/2008 03:37:41 AM Chuck Hagenbuch Comment #8
Assigned to Michael Rubinsky
Taken from Chuck Hagenbuch
Reply to this comment
Done. You can use the new VFS::readFile() method to get a local file 
for use with x-sendfile. With the file backend it'll just return the 
local filename - a much cleaner solution for vfs-direct that should be 
just about as fast.
03/15/2008 08:42:39 PM Michael Rubinsky Comment #7
Assigned to Chuck Hagenbuch
State ⇒ Assigned
Reply to this comment
Chuck, assigning to you since you said you had VFS api changes to 
support this...

you can kick it back to me if I am mistaken :)
03/10/2008 02:34:36 PM Michael Rubinsky Comment #6 Reply to this comment
Yep, exactly.  What I'm suggesting is to keep it as an *option*, in 
addition to the X-Sendfile, for those sites that are OK with the 
photos being accessible without permissions checking.



If not, I don't feel strongly about it. It was just a thought.
03/10/2008 08:43:42 AM Jan Schneider Comment #5 Reply to this comment
Which is good because it allows us to check permissions. If we could 
shortcircuit permission checking even better, but at the moment 
permissions aren't checked at all. I don't know if we deem security by 
obscurity through hard to guess path/file names sufficient.
03/09/2008 10:06:36 PM Michael Rubinsky Comment #4 Reply to this comment
Would it still be worth keeping vfs-direct as an option though for 
those sites that are OK with allowing it?  For Ansel, at least, it 
would save having to load an Ansel_Image object from the database just 
to get the VFS path to send with X-Sendfile header...
03/09/2008 05:41:35 AM Chuck Hagenbuch Comment #3 Reply to this comment
It's also more flexible than vfs-direct, since we can use it anytime 
it's more efficient to get a local file out of the VFS - with the FTP 
backend, for example.



I have some ideas on API changes to VFS for this and then 
BC-compatible ways to use them in Ansel, Gollem, maybe IMP too.
03/09/2008 05:39:17 AM Michael Rubinsky Comment #2
State ⇒ Accepted
Reply to this comment
...although just a note that mod_xsendfile for Apache is 2.x only.
03/09/2008 05:37:57 AM Michael Rubinsky Comment #1
Priority ⇒ 1. Low
State ⇒ New
Queue ⇒ Ansel
Summary ⇒ Replace vfs-direct with X-Sendfile support
Type ⇒ Enhancement
Reply to this comment
From Jan:

How about deprecating vfs-direct in Ansel for X-Sendfile support?

http://tn123.ath.cx/mod_xsendfile/

Works with both Apache and Lighttpd, fixes the permissions problem,

and the admins don't have to do much more configuration than with the

vfs-direct feature.


Saved Queries