032_nginx配置文件安全下载


一、

server {
    listen 8866;
    server_name _;
    access_log /usr/local/etc/nginx/log/download.access.log main;
    error_log /usr/local/etc/nginx/log/download.error.log;
    location / {
      root /usr/local/etc/nginx/aruntestdir;
      if ($request_filename ~* ^.*?\.(html|zip|gz)$){     #不能为空
              add_header Content-Disposition: 'attachment;';
	      add_header Content-Type: 'APPLICATION/OCTET-STREAM';
      }
    }
}

测试:

如下图所示在nginx的返回的网页Respons中添加头字段.

 

Request头解释:

<1>$request_filename

file path for the current request, based on the root or alias directives, and the request URI

<2>Content-Disposition

    In a regular HTTP response, the Content-Disposition response header is a header indicating if the content is expected to be displayed inline in the browser, that is, as a Web page or as part of a Web page, or as an attachment, that is downloaded and saved locally.
    attachment (indicating it should be downloaded; most browsers presenting a 'Save as' dialog

Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition

<3>Content-Type

    The Content-Type entity header is used to indicate the media type of the resource.In responses, a Content-Type header tells the client what the content type of the returned content actually is.
    application/octet-stream meaning "download this file"

扩展:
What are MIME types?
MIME types describe the media type of content either in email or served by web servers or web applications and are intended to help guide a web browser in how the content is to be processed and displayed. Examples of MIME types are:

text/html for normal web pages
text/plain for plain text
text/css for Cascading Style Sheets
text/javascript for scripts
application/octet-stream meaning "download this file"
application/x-java-applet for Java applets
application/pdf for PDF documents

Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Type 

二、附下载python脚本

#!/usr/bin/env python
import os
import urllib
def Schedule(blocks, blocksize, totalsizeofile):
    """
    The third argument, if present, is a hook function that will be called once on establishment of the network connection
    and once after each block read thereafter.
    The third argument may be -1 on older FTP servers which do not return a file size in response to a retrieval request.

    The hook will be passed three arguments;
    :param blocks: a count of blocks transferred so far
    :param blocksize:  a block size in bytes
    :param totalsizeofile: the total size of the file.
    :return:
    """
    percent = 100.0 * blocks * blocksize / totalsizeofile
    if percent > 100 :
        percent = 100
    print '%.2f %%' % percent
if __name__ == "__main__":
    url = 'http://127.0.0.1:8088/downtest.html'    #download url
    local = os.path.join('/tmp','downtest.html')   #local path + filename
    #If no Content-Length header was supplied, urlretrieve() can not check the size of the data it has downloaded,
    # and just returns it. In this case you just have to assume that the download was successful.
    urllib.urlretrieve(url, local, Schedule)

 

posted @ 2018-06-02 20:35  arun_yh  阅读(308)  评论(0编辑  收藏  举报