[
https://jira.nuxeo.com/browse/NXP-7759?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Thierry Delprat resolved NXP-7759.
----------------------------------
Resolution: Fixed
Component/s: (was: Core)
Web UI
http://hg.nuxeo.org/nuxeo/nuxeo-jsf/rev/fcff9e9a4144
> IE fails to download Office documents behind SSL VPN
> ----------------------------------------------------
>
> Key: NXP-7759
> URL: https://jira.nuxeo.com/browse/NXP-7759
> Project: Nuxeo Enterprise Platform
> Issue Type: Bug
> Components: Web UI
> Affects Versions: 5.4.2
> Environment: Windows 2008 Server
> Reporter: Alistair Bradbrook
> Assignee: Thierry Delprat
> Priority: Critical
> Fix For: 5.5
>
>
> We are running Nuxeo 5.4.2 DM behind an SSL firewall which acts a little
> like a reverse proxy in that it appends an https address to a virtual URL so
> the user is running all communications to the SSL box within HTTPS and this
> then communicates to the relevant server behind the firewall which are
> running at HTTP.
> We have a problem that the code in this update
> http://hg.nuxeo.org/nuxeo/nuxeo-jsf/rev/aaac88ce8052 works perfectly,
> however since the SSL box adds https at the last moment, an IE browser
> trying to download via a virtual https address is seen by this code as not
> running at https, hopefully that makes sense?
> The HTTP header for this error is as follows:
> HTTP/1.1 200 OK
> Server: Apache-Coyote/1.1
> Cache-Control: private, must-revalidate
> Expires: Thu, 01 Jan 1970 00:00:00 GMT
> X-Powered-By: JSF/1.2
> Content-Disposition: attachment;
> filename=Morning%20and%20Evening%20Briefs.docx;
> Pragma: no-cache
> Content-Type:
> application/vnd.openxmlformats-officedocument.wordprocessingml.document
> Content-Length: 11954
> Date: Tue, 25 Oct 2011 08:38:54 GMT
> Cache-control: no-store
> The request header for this is as follows:
> GET
> /nuxeo/nxfile/default/ba9615d8-85f4-432e-b194-a981a6dc5a65/blobholder:0/Morning%20and%20Evening%20Briefs.docx
> HTTP/1.1
> Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg,
> application/x-shockwave-flash, application/vnd.ms-excel,
> application/vnd.ms-powerpoint, application/msword,
> application/x-ms-application, application/x-ms-xbap,
> application/vnd.ms-xpsdocument, application/xaml+xml, */*
> Referer:
> https://ssl.otep.org.uk/nuxeo/nxpath/default/default-domain/workspaces/CPX%201%20-%20Yellow%20Fortius/Command%20Group/ExCon%20Briefs/Morning%20and%20Evening%20Brie@view_documents?tabIds=%3A&conversationId=0NXMAIN
> Accept-Language: en-gb
> User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0;
> .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727)
> Accept-Encoding: gzip, deflate
> Host: ssl.otep.org.uk
> Connection: Keep-Alive
> Cookie: WASID=6b0f58bb37f24da6; WAAK=118cfbf411bcb6e5de98c38971401a42
> As you can see it is requesting an https address however when the code runs
> it evaluates it to be http an IE hence Pragma and Cache-Control header
> values are set on the ELSE statement as it does not met the criteria of IE
> and SECURE (HTTPS).
> I think the way for us to change this would be to remove the SECURE part of
> the evaluation in the expression so it forces the header information for all
> IE browsers, the only thing I do not know is if some connects via IE from a
> machine not going via the SSL firewall will this force of headers cause
> these browsers to fail?
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
ECM-tickets mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm-tickets
