Rails の controller 側
class DownloadController < ApplicationController def action # 認証処理 ... resource_id = 2 resource = Resource.find resource_id response.header['X-Accel-Redirect'] = '/reproxy' response.header['X-Reproxy-URL'] = resource.data_url render nothing: true end end
nginx の 設定
upstream hoge_sock { server unix:/var/www/html/hoge/current/tmp/sockets/unicorn.sock fail_timeout=0; } server { listen 80 default; server_name hoge.com; root /var/www/html/hoge/current/public; client_max_body_size 10M; access_log /var/log/nginx/access_hoge.log; error_log /var/log/nginx/error_hoge.log; location / { try_files $uri $uri/index.html @unicorn; } location ~ /\. { deny all; } location /reproxy { internal; resolver 8.8.8.8; set $reproxy $upstream_http_x_reproxy_url; proxy_pass $reproxy; # コンテントタイプを隠す場合 proxy_hide_header Content-Type; # 認証ヘッダを削除 proxy_set_header Authorization ""; } location @unicorn { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://hoge_sock; } }
S3の方に、無駄なヘッダーを送るとダウンロードできないようです。