我正在使用mod_xsendfile(v0.12)来提供静态文件,其中Django根据用户和权限控制对文件的访问。
在我的conf文件中,我有:
XSendFile On
XSendFilePath e:/documents/
<Directory e:/Documents>
Order allow,deny
Allow from all
</Directory>
在我的django代码中,我设置了标题:
assert(isinstance(filename, FieldFile))
xsendfile = filename.name
if(platform.system() == 'Windows'):
xsendfile = xsendfile.replace('\\', '/')
response = HttpResponse()
response['X-Sendfile'] = xsendfile
mimetype = mimetypes.guess_type(xsendfile)[0]
response['Content-Type'] = mimetype
response['Content-Length'] = filename.size
在我的日志文件中,我得到:
[Fri Oct 22 08:54:22 2010] [error] [client 192.168.20.34] (20023)The given path
was above the root path: xsendfile: unable to find file:
e:/Documents/3/2010-10-20/TestDocument.pdf
在此版本的mod_xsendfile中,
XSendFileAllowAbove On
生成错误:
Invalid command 'XSendFileAllowAbove', perhaps misspelled or defined by a module
not included in the server configuration
我认为那是因为他们添加了XSendFilePath白名单。其他人有这个工作吗?
答案 0 :(得分:13)
不要自己设置内容长度。在这种情况下,这只会混淆mod_wsgi之类的处理程序。 mod_xsendfile本身将设置正确的Content-Length。
在Windows上,您不仅必须提供驱动器号,驱动器号必须实际为大写(IIRC)!
我有一个像这样的工作测试配置:
<Directory "E:/">
XSendFile on
XSendFilePath E:/localhosts
</Directory>
我在E:/Apache2.2/htdocs/中的一个工作测试脚本如下所示:
<?php
header('X-SendFile: E:/localhosts/archive.tar.bz2');
header('Content-type: application/octet-stream');
header('Content-disposition: attachment; filename="blob"');
?>
XSendFileAllowAbove被删除了一段时间,转而支持XSendFilePath
答案 1 :(得分:2)
在配置XSendfile路径的大部分时间里,我遇到了很多麻烦。
这是我在Windows上测试几个方案以查看错误的内容(跳转到此帖子的末尾以查看结论广告建议):
<?php
/* X-SENDFILE
* This can be a b*tch to configure. So I'm writing various scenarios here so that I can rely on them in the future.
* Example use: after re-installing XAMPP, after changing config file, in a new script, after some time without using it...
* Tested on Windows 7 + XAMPP (Apache/2.4.3, PHP/5.4.7) + mod_xsendfile 1.0-P1 for Apache 2.4.x Win32
*/
/** Environment Debug **/
//echo dirname(__FILE__); die();
//echo $_SERVER['DOCUMENT_ROOT']; die();
/** The damn fucking path, with comments **/
// Local file in execution directory.
// Tested with: *no* XSendFilePath inside of the Apache config
// Result: works fine.
//header("X-Sendfile: " . 'localfile.zip' );
// Local file in execution directory + relative path
// Tested with: *no* XSendFilePath inside of the Apache config
// Result: works fine.
//header("X-Sendfile: " . '../xsendfile/localfile.zip' );
// Local file in execution directory + absolute pathS
// Tested with: *no* XSendFilePath inside of the Apache config
// Result: works fine and a lot of flexibility on the slash and letter drive format combinations *BUT* case-sensitive
//header("X-Sendfile: " . 'D:\Dropbox\XAMPP\web\tests\Languages\Apache\xsendfile\localfile.zip' ); // works fine
//header("X-Sendfile: " . '\Dropbox\XAMPP\web\tests\Languages\Apache\xsendfile\localfile.zip' ); // works fine
//header("X-Sendfile: " . 'D:/Dropbox/XAMPP/web/tests/Languages/Apache/xsendfile/localfile.zip' ); // works fine
//header("X-Sendfile: " . '/Dropbox/XAMPP/web/tests/Languages/Apache/xsendfile/localfile.zip' ); // works fine
//header("X-Sendfile: " . '/dropbox/XAMPP/web/tests/Languages/Apache/xsendfile/localfile.zip' ); // FAILS (case-sensitive)
// File in the XSendFilePath directory + Absolute path
// Tested with: XSendFilePath D:\Dropbox\XAMPP\web -- Mind the backward slashes
// Result: FAILS! error.log => [Wed Feb 20 19:08:02.617971 2013] [:error] [pid 15096:tid 1768] (20023)The given path was above the root path: [client ::1:56658] xsendfile: unable to find file: D:\\Dropbox\\XAMPP\\web\\xsfile.zip
//header("X-Sendfile: " . 'D:\Dropbox\XAMPP\web\xsfile.zip' );
// File in the XSendFilePath directory + Absolute path
// Tested with: XSendFilePath D:/Dropbox/XAMPP/web <== mind the forward slashes this time
// Result: WORKS! Conclusion: XSendFilePath needs use forward slashes on Windows AND we don't need any trailing slash in it.
header("X-Sendfile: " . 'D:\Dropbox\XAMPP\web\xsfile.zip' );
/** We might wanna test also:
* - How does backward slashes in both XSendfilePath and the header combine?
* - The use of subdirectories.
* /
/** The rest of the headers (until otherwise stated, nothing special) **/
header("Content-Type: application/zip");
header("Content-Disposition: attachment; filename=\"" . 'blah.zip' . "\"");
header("Content-Transfer-Encoding: binary");
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
/** Tell the script to stop (so the file download may start) **/
die();
?>
所以,基本上,对于Windows上的X-Sendfile,请确保:
希望它有所帮助! 法比安