Last week, we had the author of TDD for a Shopping Website LiveProject. Friday at 11am Ranch time, Steven Solomon will be hosting a live TDD session just for us. See for the agenda and registration link
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

Security-Constraint

 
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I have an application developed using Struts 1.3 and Tomcat 5.5 which
provides a download service. This was implemented using the downloadAction
provided with the struts api.

The application enables users to download various types of files including pdfs, zip, and text files, simply by clicking at various links. Doing so
brings up the dialog box with "open", "save", and "cancel" buttons. If I select "open", the downloaded resource will open up. As it stands the application works fine.

If however I throw a security blanket around it using BASIC authentication +
an entry for <security-costraint>,
i run into a problem. When a verified user clicks on a link to download
a resource, the user is prompted with the 'open','save', 'cancel' dialog
as before.

Clicking on the open button will now no longer display the resource in a
separate window. For example where previously, pdf files were displayed successfully, I now get an error message: "There was an error opening this
document. The file cannot be found". If I select the save option, the resource is saved correctly and can be inspected/viewed without problems.

What's causing this?

Is there a solution to this which will enable users to open resources
that can be downloaded.

kind regards,

Mo
[ June 08, 2007: Message edited by: mo sayed ]
 
mo sayed
Ranch Hand
Posts: 88
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Success !!!
Managed to resolve this.

What's causing this?


This is possibly linked to a bug reported in IE4 and which
appears to still exist in IE 6. The actual problem occurs when
a pdf/csv response is sent back over https.
You can resolve this by adding the following header content
to your response.


regards
Mo
 
See ya later boys, I think I'm in love. Oh wait, she's just a tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic