I am trying to configure Rails production server with Apache 2.2, Passenger 4.0.59 and XSendFile 0.12. Application is deployed via Capistrano.
Deployed application produces (maybe large) PDF to #{Rails.root}/tmp
and serves this file using send_file
.
The problem is that Capistrano uses symlinks to point to currently deployed version of application. XSendFile on the other hand dereferences symlinks and refuses to serve a file if its real location is outside document root even if it is allowed by XSendFilePath
. Apache's error.log states:
(20023)The given path was above the root path: xsendfile: unable to find file: /resolved/path/to/file.pdf
Everything works well when I set PassengerAppRoot
and XSendFilePath
to the real location of current version of application, without symlinks on the path. But it's OK until next deploy, which requires apache reconfiguration. Not very useful.
How should I configure Capistrano deploy and XSendFile parameters to make it work together?
I tried solutions with ln -nFs
described in Capistrano & X-Sendfile and in mod_xsendfile with symbolic links but none works.
I finally managed to make it work. A few tips for the ones who will have problems with XSendFile
XSendFilePath
to user's $HOME
, there are no symlinks on the path to $HOME
, so it works. I can accept this from functional and security point of view, but it is obviously a workaround.XSendFilePath
is sensitive to paths containing multiple slashes /like//this
. I am using apache macros and while concatenatingXSendFilePath
parameter from a few macro parameters I put some obsolete slashes. This caused XSendFile to refuse to send files.Good luck!