Django - Understanding X-Sendfile

Question

I\'ve been doing some research regarding file downloads with access control, using Django. My goal is to completely block access to a file, except when accessed by a specifi

Answer 1

1. Yes, that's just how it works.
2. The exact implementation depends on the webserver but in the case of nginx, it's recommended to mark the location as internal to prevent external access.
3. Nginx can asynchronously serve files while with Django you need one thread per request which can get problematic for higher numbers of parallel requests.

Remember to send a X-Accel-Redirect header for nginx instead of X-Sendfile. See http://wiki.nginx.org/XSendfile for more information.