通过 https URL 访问 pdf
我发送了一封简讯电子邮件,其中包含 https 网站的 URL,然后重定向到 pdf 文档。
首次调用 URL 时,系统会提示用户典型的 https 浏览器“安全警报”弹出窗口,选择“是”后,PDF 显示失败。失败响应的 HTTP 标头是:
HTTP/1.1 200 OK
Server: ECS/HTTP-Server
Date: Tue, 16 Mar 2010 15:57:26 GMT
Content-type: application/pdf
Content-language: en-US
Set-cookie: JSESSIONID=0000r111cRz1Vc-PtCJg8Cdu4eR:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-control: no-cache="set-cookie, set-cookie2"
Connection: close
URL 的后续调用成功打开 PDF(此时我们拥有由初始失败请求设置的会话 ID cookie)。 成功响应的 HTTP 标头是:
HTTP/1.1 200 OK
Server: ECS/HTTP-Server
Date: Tue, 16 Mar 2010 16:53:03 GMT
Content-type: application/pdf
Content-language: en-US
Connection: close
电子邮件客户端是 Lotus Notes 6.5,它启动 IE6 浏览器
有什么想法吗?
I send out a newsletter email containing URLs to a https website that then redirects to a pdf document.
On first invocation of a URL the user is prompted with the typical https browser "security alert" popup, on selecting "Yes" the display of the PDF fails. The HTTP Header on the failed response is:
HTTP/1.1 200 OK
Server: ECS/HTTP-Server
Date: Tue, 16 Mar 2010 15:57:26 GMT
Content-type: application/pdf
Content-language: en-US
Set-cookie: JSESSIONID=0000r111cRz1Vc-PtCJg8Cdu4eR:-1; Path=/
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-control: no-cache="set-cookie, set-cookie2"
Connection: close
Subsequent invocations of the URL successfully opens the PDF (at this point we have the session id cookie set by the initial failed request).
The HTTP Header on the successful response is:
HTTP/1.1 200 OK
Server: ECS/HTTP-Server
Date: Tue, 16 Mar 2010 16:53:03 GMT
Content-type: application/pdf
Content-language: en-US
Connection: close
The email client is Lotus Notes 6.5 which launches an IE6 browser
Any ideas?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
来自 IE 的安全警报可能来自自签名 SSL 证书。您是否拥有由标准 CA 签名的 SSL 证书?
您的项目是公司项目还是对任何用户开放?
PS:尝试在显示 pdf 之前添加额外的重定向。
Security alerm from IE may comes from self-signed SSL certificate. Do you have SSL cert, signed with standard CA's?
Is you project corporative or open to any user?
PS: try to add an additional redirect before showing pdf.
问题是由于 Struts servlet 在包含 PDF 的 HTTP 响应中设置了新的会话 cookie。这导致 IE 6“丢弃”PDF。
解决方案是使用本机 servlet,它不会在 HTTP 标头中发送 set-cookie。
Problem was due to the Struts servlet setting a new session cookie in the HTTP response that contained the PDF. This caused IE 6 to "drop" the PDF.
Solution was to use a native servlet which does not send a set-cookie in the HTTP Headers.