This is essentially already implemented, see the class side of
MAExternalFileModel or the PRFileSettings widget to change these
properties from the web. The problem with Apache serving is that the
directories have to be obfuscated to not loose security. This is not a
problem for downloads, but for style-sheets for example that sometimes
use relative references to other files. Using X-Sendfile this could be
fixed relatively easy, but this is a non-standard Apache module.
I think there are 2 usage scenarios with different needs:
a) files are actually documents with security - i.e. someone has uplaoded pdf with perliminary financial results
b) files that are used as part of templates, css and similar. which need no security on read side, but need offloading to proxy
a) is served pretty well within current framework
b) does not fit well within current framework since it is difficult to offload to proxy
Maybe the solution is not trying to fit those 2 into one thing but handle them separately.
rush