tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Roger Parkinson <>
Subject Re: serving files through SSL
Date Wed, 07 Nov 2007 19:56:14 GMT
In both cases the URL is invoke with some javascript that looks like this:
function downloadpdf(url)
    var pdfWindow = url 
The application invokes a mix of html and servlet requests beforehand.
But the response to the static PDF always works regardless of when it is 

Gabe Wong wrote:
> Roger Parkinson wrote:
>> I am trying to deliver some PDFs to the browser using my tomcat 
>> application. It works, but not always under SSL and IE.
>> One file is a static PDF and it lives inside my war file. That works 
>> just fine. The file is accessed using a url like 
>> /myapp/web/myfile.pdf and that always delivers the file.
>> Other files are generated by the app and live in a configured 
>> directory. They are delivered through a servlet that looks like this:
>>            String mimeType = sc.getMimeType(filename);
>>            FileHelper helper = new FileHelper();
>>            InputStream in = helper.fetch(filename, m_dir);
>>            response.setContentType(mimeType);
>>          response.setContentLength(10115);
>>          response.addHeader("ETag","W/\"963288-1194247031062");
>>            OutputStream out = response.getOutputStream();
>>            byte[] buf = new byte[1024];
>>            int count = 0;
>>            while ((count = >= 0)
>>            {
>>                out.write(buf, 0, count);
>>            }
>>            in.close();
>>            out.close();
>> So apart from some minor fiddling with the contentType etc I don't do 
>> very much. This works fine outside of SSL and it also works fine with 
>> SSL and Firefox, but not SSL+IE.
>> Thinking it was a problem with headers I did some research and found 
>> a lot of stuff about setting no cache etc. Tried it and it nothing 
>> made any difference (except that I managed to break it). I have taken 
>> all those out because the static file, the one I mentioned at first, 
>> is delivering okay to IE over SSL so I don't believe there is a 
>> problem at the IE end, or not one that cannot be overcome by getting 
>> my response right at the server end.
>> I used TCPMonitor to sniff the headers using non-SSL and found that 
>> the static file has this response:
>> HTTP/1.1 200 OK
>> Server: Apache-Coyote/1.1
>> ETag: W/"963288-1194247031062"
>> Last-Modified: Mon, 05 Nov 2007 07:17:11 GMT
>> Content-Type: application/pdf
>> Content-Length: 963288
>> Date: Wed, 07 Nov 2007 04:54:39 GMT
>> ... pdf file follows
>> So there doesn't seem to be too much going on there.
>> When I respond to the request for the dynamic file it looks like this:
>> HTTP/1.1 200 OK
>> Server: Apache-Coyote/1.1
>> Pragma: No-cache
>> Cache-Control: no-cache
>> Expires: Thu, 01 Jan 1970 12:00:00 NZST
>> ETag: W/"963288-1194247031062
>> Content-Type: application/pdf
>> Content-Length: 10115
>> Date: Wed, 07 Nov 2007 05:32:02 GMT
>> ...pdf file follows.
>> I am getting some cache headers added for free otherwise there is no 
>> difference in the request.
>> Of course those headers may be making all the difference because IE's 
>> message is 'cannot write the file to cache' which is a bit odd 
>> because we've explicitly told it not to here.
>> Searching the web on this has a number of answers that suggest adding 
>> those no-cache headers anyway.
>> So, does anyone know what I need to do to make the two responses 
>> enough the same to stop IE complaining?
>> I am aware that I have faked the ETag and the length of the file and 
>> that I need to do something smarter there, but I'll do that when it 
>> starts working.
>> Version info: Tomcat 5.5, Java 1.5, WinXP SP2
> Are you calling the dynamic PDF URL directly? For instance typing in 
> the URL directly in the browser?
> The reason I am asking, is that for mixed responses from SSL requests, 
> IE puts up a warning, whereas FF does not.

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message