method

send_file

Importance_5
v1.1.6 - Show latest stable - 4 notes - Class: ActionController::Streaming
send_file(path, options = {}) protected

Sends the file by streaming it 4096 bytes at a time. This way the whole file doesn’t need to be read into memory at once. This makes it feasible to send even large files.

Be careful to sanitize the path parameter if it coming from a web page. send_file(params[:path]) allows a malicious user to download any file on your server.

Options:

  • :filename - suggests a filename for the browser to use. Defaults to File.basename(path).
  • :type - specifies an HTTP content type. Defaults to ‘application/octet-stream’.
  • :disposition - specifies whether the file will be shown inline or downloaded. Valid values are ‘inline’ and ‘attachment’ (default).
  • :stream - whether to send the file to the user agent as it is read (true) or to read the entire file before sending (false). Defaults to true.
  • :buffer_size - specifies size (in bytes) of the buffer used to stream the file. Defaults to 4096.
  • :status - specifies the status code to send with the response. Defaults to ‘200 OK’.

The default Content-Type and Content-Disposition headers are set to download arbitrary binary files in as many browsers as possible. IE versions 4, 5, 5.5, and 6 are all known to have a variety of quirks (especially when downloading over SSL).

Simple download:

  send_file '/path/to.zip'

Show a JPEG in the browser:

  send_file '/path/to.jpeg', :type => 'image/jpeg', :disposition => 'inline'

Show a 404 page in the browser:

  send_file '/path/to/404.html, :type => 'text/html; charset=utf-8', :status => 404

Read about the other Content-* HTTP headers if you’d like to provide the user with more information (such as Content-Description). http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11

Also be aware that the document may be cached by proxies and browsers. The Pragma and Cache-Control headers declare how the file may be cached by intermediaries. They default to require clients to validate with the server before releasing cached responses. See http://www.mnot.net/cache_docs/ for an overview of web caching and http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9 for the Cache-Control header spec.

Show source
Register or log in to add new notes.
June 26, 2008
9 thanks

x-sendfile

Rails 2.1 supports the x_sendfile apache module:

send_file '/path/to.png', :x_sendfile => true, :type => 'image/png'
August 8, 2008
2 thanks

X-Sendfile equivalent for Nginx

Nginx supports a similar http header to X-Sendfile called X-Accel-Redirect.

Set the X_SENDFILE_HEADER constant somewhere (eg in your environment.rb) file:

ActionController::Streaming::X_SENDFILE_HEADER = 'X-Accel-Redirect'  

Then you can use x_sendfile => true as usual.

More here: http://wiki.codemongers.com/NginxXSendfile

December 16, 2009
0 thanks

path

send_file always uses the absolute path /www/somewebsite/public/downloads/file

January 24, 2011
0 thanks

Does not respond to ajax call

I inherited some code that used form_remote_tag. send_file and send_data did not work.

Changing from from_remote_tag to form_tag and all worked as expected.