Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
freem
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Openai/693d2c26-d52c-8010-af9d-5870274165bf
(section)
Add languages
Page
Discussion
English
Read
Edit
Edit source
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
Edit source
View history
General
What links here
Related changes
Special pages
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== gpt-5-1-thinking == === User: the X-Accel-Redirect is a response header. === the X-Accel-Redirect is a response header. this means that our backed will be returning it. this is not a header that the frontend or our users send. when nginx sees this header in the response, it will look at the uri attached to it and match it to a directory we define in our nginx virtual hosts configuration file. it will then serve the file our backend specified from that directory. -- explain === Assistant: Think of X-Accel-Redirect as a secret note your backend hands to nginx saying: === Think of X-Accel-Redirect as a secret note your backend hands to nginx saying: : “Don’t send this response body. Instead, quietly go fetch that file from over there and send that to the user.” Breaking your text down: : “the X-Accel-Redirect is a response header. this means that our backend will be returning it.” * Your backend (app server) adds a header like: X-Accel-Redirect: /protected/files/manual.pdf * The client never sends this header. It only comes from your backend to nginx. : “this is not a header that the frontend or our users send.” * Correct. Browsers / frontends don’t know or care about this header. * It’s an internal contract between your app and nginx. : “when nginx sees this header in the response, it will look at the uri attached to it and match it to a directory we define in our nginx virtual hosts configuration file.” * In nginx config, you define special internal locations, for example: ``<code>nginx location /protected/ { internal; alias /var/www/secret_files/; } </code>`` * The value of X-Accel-Redirect must match one of these locations, such as /protected/manual.pdf. : “it will then serve the file our backend specified from that directory.” * When nginx sees X-Accel-Redirect: /protected/manual.pdf: 1. It ignores any body your backend was going to send. 2. It internally maps /protected/manual.pdf to /var/www/secret_files/manual.pdf. 3. It streams that file to the user as the response. 4. The user just sees a normal file download; they never see /protected/... and never see X-Accel-Redirect. ===== Why this is useful ===== * Your backend: - Handles authentication/authorization. - Decides which file the user is allowed to get. * nginx: - Handles efficient file serving (large files, caching, zero-copy sendfile, etc.). So the flow is: # User requests /download/123. # Backend checks permissions, finds it maps to /protected/manual.pdf. # Backend responds with headers (status 200, maybe some Content-Type, and X-Accel-Redirect: /protected/manual.pdf) and usually an empty body. # nginx intercepts X-Accel-Redirect, internally fetches /protected/manual.pdf from the configured directory, and streams it to the user. Result: your app controls access, nginx does the heavy lifting of serving the actual file 🧱📂.
Summary:
Please note that all contributions to freem are considered to be released under the Creative Commons Attribution-ShareAlike 4.0 (see
Freem:Copyrights
for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource.
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
