locked
Https and custom httpHandler problems RRS feed

  • Question

  • User-1480626486 posted

    On a new website I am setting up, I want to implement ad hoc authentication. Because the site will contain PDF, DOC and other "non standard" files, I pointed these file types to be processed by aspnet_isapi.dll. I then had to write a custom httpHandler class for each file type so that ASP.NET would know what to do with the file (sample code of the handler below.) Now, if an anonymous user requests one of these files, he is taken to the Login.aspx page, authenticated, then the document is loaded within the browser.

    Then, I turned on SSL.

    Everything still works as described if the document is requested using http. If the user makes the request using https, however, the request for the document crashes. Instead of loading in to the browser, the File Download pops up, as if the Content-Disposition header had been set. If either Open or Sae are selected, an error box appears saying that Internet Explorer could not download the file from the server, as the requested site is either unavailable or cannot be found.

    I suspect the problem is in how https is handling the stream from context.Response.WriteFile. At this point, though, I've been banging my head against the wall so long that I can't figure out how to fix this. Any help would be much appreciated.

    Public Sub ProcessRequest(ByVal context As System.Web.HttpContext) _
    Implements System.Web.IHttpHandler.ProcessRequest
        'Verify that the document exists
        If Not HostingEnvironment.VirtualPathProvider.FileExists(context.Request.Path) Then
            context.Response.StatusCode = 404
            context.Response.End()
            Exit Sub
        End If
    
        'Reset the Response object
        context.Response.Buffer = True
        context.Response.Clear()
    
        'Document is not to be cached and should expire immediately
        context.Response.Cache.SetCacheability(HttpCacheability.NoCache)
        context.Response.Cache.SetNoStore()
        context.Response.Cache.SetExpires(DateTime.MinValue)
    
        'Set other headers
        context.Response.ContentType = MimeType
    
        'Write to the system
        context.Response.WriteFile(context.Request.PhysicalPath)
    End Sub
    
    Thursday, June 22, 2006 1:32 PM

All replies

  • User-1480626486 posted

    Found the answer.

    The problem is described (sort of) in this MS article. The solution is to remove the SetCacheability and SetNoStore method calls.

    Friday, June 23, 2006 12:57 PM