In addition, I'd read up on Adobe's new security efforts. My
understanding (from a recent attempt of one of my staff members to re-
install some of the new Adobe software, which was licensed and
previously installed - took close to 4 hrs to solve) is that Adobe's
new efforts are in fact getting in the way of getting things done,
because the security efforts were not well implemented. Just a heads
up, it isn't you AND the common-sense, programmatic ways to fix this
also might not work.
8)
On Dec 13, 2007, at 7:43 AM, Scott Cadillac wrote:
Hi Mike,
There are some things about browser file handling you can't get
around, obviously for security reasons. Over time things will change
on the client end, even though the server hums along happily for
years unchanged.
But regardless, try Content-Disposition: attachment; (as opposed to
inline) and see what that does.
As well, consider storing the file Content-Type along with your
document information (database column?), or parse for the Content-
Type from the filename extension (from where ever you're getting
that info from).
Hope that helps.
Scott,
On Thursday, December 13, 2007 7:57am, Mike Scally
<[EMAIL PROTECTED]> said:
Hi All,
Maybe someone can help me out here. We have a document management
system
written in Witango, and as part of the system we restrict access to
files based on the users profile. When a user requests a file, we
check
their credentials and then send the file back to them using the
following (where fileContents contains the contents of the file):
<@PURGERESULTS><@ASSIGN request$httpHeader "HTTP/1.1
<@HTTPSTATUSCODE>
<@HTTPREASONPHRASE> <@crlf>Server: Witango
<@version><@crlf>Content-Type: application/octet-stream; name=<@VAR
LOCAL$fileName ENCODING=NONE><@CRLF>Content-Disposition: inline;
filename=<@VAR LOCAL$fileName ENCODING=NONE><@CRLF><@IF
EXPR='len(<@USERREFERENCECOOKIE>)'
TRUE='<@USERREFERENCECOOKIE>'><@crlf>"><@VAR local$fileContents
encoding=none>
This application was untouched for some years, and it always served
the
files correctly including PDF files. The user got the Open, Save and
Cancel dialog for known file types. However, after we installed Adobe
Reader 8.0+, we no longer get the option to Open the PDF files
directly,
but can only Save them to the file system. I have included the HTTP
response header below. Should Content-Type be set differently to give
the Open option? If I specifically set it to "application/pdf", I get
the open file option, but I cannot do this as we server all different
file types. Maybe someone is doing something similar and may have run
into the same problem.
-----------------------------------HTTP
Header------------------------------------------
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Date: Thu, 13 Dec 2007 11:39:32 GMT
X-Powered-By: ASP.NET
Connection: close
Server: Witango 5.5.003 Liquorice (Win32)
Content-Type: application/octet-stream; name=Certificate.pdf
Content-Disposition: inline; filename=Certificate.pdf
PDF contents start here......
------------------------------------------------------------------
Any help greatly appreciated.
Thanks
Mike.
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
--------------
Dale Graham,PhD
Technical Manager, NIDB
Custom Applications Branch, DECA, NIH
[EMAIL PROTECTED]
________________________________________________________________________
TO UNSUBSCRIBE: Go to http://www.witango.com/developer/maillist.taf
