httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Bligh <>
Subject Re: [users@httpd] Secure htaccess in a non-SSL Apache (and withoutDigest...)
Date Thu, 09 Aug 2012 20:31:27 GMT

--On 29 June 2012 15:08:44 +0100 Alex Bligh <> wrote:

>> You have talked about perl and mod_perl. I understand that you can
>> override htaccess to use a self-made bit of Perl code that process it and
>> check the token. Is this right?
> You don't need to override htaccess.
> Here's a piece of perl found through a random google search to send
> a file:
> You'll need to change the header as appropriate. Drop that in as
> a CGI script (there are a million examples of perl CGI howtos).
> It would be more efficient if it used sendfile.
> All you need to do is modify that perl CGI script to check the
> GET parameters. My idea was simply to use parameters for your video
> name, the time, the user, and perhaps a random nonce, and also pass
> a hash of those. So, CGI document is here:
> and you might want to do something like (completely untested):

Well, guess what, I needed to do this myself. So for anyone else
who wants to do it, see:

Alex Bligh

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message