'Non-parsed headers' (NPH) is a term used for the way CGI scripts can send data directly to the browser without the web server caching the response first. If the server caches the response, it has to store the entire response in memory before passing it to the browser. In the case of digital download, it means the server has to store the entire digital file in memory before passing it along to the client. This can cause problems since files can be very large.
By default, the download script uses NPH for efficiency, but on some systems, this can cause problems. To disable NPH, take the following steps:
1. In the Actinic directory, rename 'nph-download.pl' to 'download.pl'
2. Update the web site
The digital download scripts use two keys to secure the identity of the digital product and the time frame allowed to download the file. One key is a light encryption key for the CGI parameters. The other is a signature key. You don't have to know anything about security, encryption or digital signatures to change them.
Why would you want to change them? If these keys are known, someone could possibly extend the time allowed to download the files or select files that they are not authorized to download. It would be difficult, but possible. If you have the same keys as other Actinic digital download merchants, they (at least) will know your keys.
The light encryption key is a single byte value stored as a hex number. A hex number is a number represented by digits 0-9 and a-f (e.g. "a928fd9c"). A single byte hex number is only two digits long (e.g. "a9", "23", "ad" or "3c"). To change the value:
1. Edit digdown.pm using Notepad. It can be found in the Actinic site directory.
2. Find
the line where the key is set and change it. In Perl, hex digits must be
preceded by "0x". E.g. change:
$DigitalDownload::XORKEY =
0xd1;
to
$DigitalDownload::XORKEY = 0x4c;
3. Save your changes and upload the file to the server
The signature key is a text string containing any characters. To change the value:
1. Edit 'digdown.pm' using Notepad. It can be found in the Actinic site directory.
2. Find
the line where the key is set and change it. E.g.
change
$DigitalDownload::SIGKEY = 'HairyMonkey';
to
$DigitalDownload::SIGKEY = 'GoofBall';
3. Save your changes and upload the file to the server
By default, the link to download the files is a relative link from the receipt page. This means the browser will expect to find the script in the same URL as the receipt page (the Actinic order script).
This can cause a problem if the receipt is displayed using SSL (HTTPS) because SSL consumes more CPU than regular HTTP. If you download large files via HTTPS you may suffer performance problems on the server.
If you want the download script to be accessed from a different URL than the receipt, take the following steps:
1. Edit 'digdown.pm' using Notepad. It can be found in the Actinic site directory.
2. Find
the line where the base URL is set and change it. By default is it set to ''
which means it will be relative to the receipt page. The URL you enter must end
in a trailing slash, but can be relative to the receipt page if you choose. E.g.
if you want to do the download via http instead https on your
server.
$DigitalDownload::CGIBINURL = '';
to
$DigitalDownload::CGIBINURL = 'http://www.myserver.com/cgi-bin/';
3. Save your changes and upload the file to the server.