I know that a patch for the NginxHttpSecureLinkModule currently exists
which brings TTL support. The patch is for 0.7.59 and doesn’t seem to
work with the latest version. Is there any chance that this
functionallity will be built into the NginxHttpSecureLinkModule
directly, or is anybody planning on releasing a module similar to
NginxHttpSecureLinkModule with this support?
I’m sure for most people out there, TTL support is critical to creating
secure links. This would duplicate the functionally that Amazon S3
provides with their “expiring” links.
Second question, as I’ve seen this go both ways in testing - does the
module support variables when defining the secure_link_secret? This
would be necessary if one wanted to add the IP address of the client to
the secret, to ensure the link would only work for the given client.
Couple that with TTL, and you have a very powerful link protection
system: secure_link_secret secret_word$remote_addr;