Hello, abalter wrote: > When you view an attached PDF file you get the "HTML preview not > available" message, and the suggestion to "Try downloading the file > instead.". > > Is there a way to make it so that pdf's try to open in the browser > window as they do when they are simply web files? >
By default, when downloading an attachment, we sent it with a Content-Disposition set to "attachment", which effectively prevents the file from being opened directly by the browser. This is because there are some browsers which will attempt to render as HTML any /content/ that looks like HTML, completely ignoring the mime-type or the file extension. Therefore someone could craft a malicious HTML page, name it something.pdf and upload it to your site. If you have set the proper permissions and know that you can trust people who have those permissions (to attach files, to commit files to your repository), then there are ways to configure Trac so that it won't set this Content-Disposition header. See http://trac.edgewall.org/wiki/ChangeLog#a0.10.3.1 and look for render_unsafe_content in TracIni. Also, if you want to by-pass the "preview" page when clicking on an attachment link, it is possible to create links using the raw-attachment: TracLinks prefix in your wiki text. Or use a recent Trac (0.11.5dev), where you'll get "download" icons next to any attachment link. -- Christian --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/trac-users?hl=en -~----------~----~----~----~------~----~------~--~---
