Last week, we had the author of TDD for a Shopping Website LiveProject. Friday at 11am Ranch time, Steven Solomon will be hosting a live TDD session just for us. See for the agenda and registration link
I have an application developed using Struts 1.3 and Tomcat 5.5 which provides a download service. This was implemented using the downloadAction provided with the struts api.
The application enables users to download various types of files including pdfs, zip, and text files, simply by clicking at various links. Doing so brings up the dialog box with "open", "save", and "cancel" buttons. If I select "open", the downloaded resource will open up. As it stands the application works fine.
If however I throw a security blanket around it using BASIC authentication + an entry for <security-costraint>, i run into a problem. When a verified user clicks on a link to download a resource, the user is prompted with the 'open','save', 'cancel' dialog as before.
Clicking on the open button will now no longer display the resource in a separate window. For example where previously, pdf files were displayed successfully, I now get an error message: "There was an error opening this document. The file cannot be found". If I select the save option, the resource is saved correctly and can be inspected/viewed without problems.
What's causing this?
Is there a solution to this which will enable users to open resources that can be downloaded.
This is possibly linked to a bug reported in IE4 and which appears to still exist in IE 6. The actual problem occurs when a pdf/csv response is sent back over https. You can resolve this by adding the following header content to your response.