none
IE: do not save encrypted pages and pdf and ssl

    Question

  • i know, that "do not save encrypted pages on disk" should prevent IE from displaying any non-browser content like PDF, DOC etc as IE can't save it in temp folder and then open the file in an external program. we have set this option in ie settings -> advanced for security reasons. i also know, that we have to discuss security issues with this option, there are pros and cons. the cons are that downloading or displaying special contents failes. i also know that IE won't open PDF when you send a "pragma: no-cache" on ssl sites.

    our users sometimes report sites where the download fails. i know wanted to check it myself. the problem that i have is, whatever settings of "do not save encrypted pages on disk" i use i can display the pdf from my https server. i written a small script that sends the pdf as inline or as attachment with different cache-header settings. also in GET and POST. only when i send "no-cache" i get the error. in all other cases the PDF opens fine inline in browser window or in the external acrobat. so my question is, what do i wrong, why can i display PDF from an https/ssl site even with "do not save encrypted pages" ON?

    i have written a small perl-script on our apache server which gives me a pdf back. the script is accessed via https://my.server/cgi-bin/test.pl?mode=xxx with mode i can try/use different http-cache-header settings:

     

    #!/usr/bin/perl
    
    use CGI;
    
    $vvk = new CGI;
    $mode = $vvk->param('mode');
    $pdfFile = "/httpd/htdocs/test.pdf";
    $pdfName= "Test.pdf";
    
            if (-e $pdfFile) {
                my ($s, $length, $pdf);
                $s = (stat($pdfFile))[7];
                open (FILE, "<$pdfFile");
                binmode FILE;
                $length = read FILE, $pdf, $s;
                close (FILE);
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName,-expires=>'0',-pragma=>'no-cache',-'Cache-Control'=>'no-cache') if ($mode eq 'nocache');
                print $vvk->header('-content-type'=>'application/pdf',-expires=>'0',-pragma=>'no-cache',-'Cache-Control'=>'no-cache') if ($mode eq 'innocache');
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName,-expires=>'+60s') if ($mode eq 'attexpires');
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName,-expires=>'+60s',-'Cache-Control'=>'private') if ($mode eq 'attprivateexp');
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName,-'Cache-Control'=>'private') if ($mode eq 'attprivate');
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName,-'Cache-Control'=>'public') if ($mode eq 'attpublic');
                print $vvk->header('-content-type'=>'application/pdf',-attachment=>$pdfName,-filename=>$pdfName) if ($mode eq 'att');
                print $vvk->header('-content-type'=>'application/pdf') if ($mode eq 'inline');
                print $vvk->header('-content-type'=>'application/pdf', -'Cache-control'=>'private') if ($mode eq 'private');
                print $vvk->header('-content-type'=>'application/pdf', -'Cache-control'=>'public') if ($mode eq 'public');
                # print $vvk->header('-content-type'=>'application/pdf', -'Cache-control'=>'no-cache',-pragma=>'no-cache') if ($mode eq 'nocache');
                print $vvk->header('-content-type'=>'application/pdf', -expires=>'+60s') if ($mode eq 'expires');
                print $pdf;
                exit;
            }
    
    


     



    • Edited by Markus.R Wednesday, November 23, 2011 2:18 PM
    Wednesday, November 23, 2011 2:16 PM

Answers