I'm wondering if there is a best practice for providing a secure way to download files without exposing the webservers directory structure.
It seems that there is no symfony plugin specialized to this functionality.
On the other side I just found lots of articles "guessing" some php snippets, but no real professional and reliable information.
These examples vary from using X-Sendfile or X-LIGHTTPD-send-file Header, or even printing the file data directly with readfile() or print(fread(...)).
For me it seems that using the X-Sendfile or X-LIGHTTPD-send-file Header is the easiest way of providing a secure download.
But anyway, I have no experience with this kind of download...
Can you tell me what and how you do secure downloads. What are the pros and cons?
Maybe you know an article providing some good information about these kinds of downloads.
Thanx in advance!