Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

pdf into browser via servlet

Status
Not open for further replies.
jefftoaster

jefftoaster

Programmer
Feb 6, 2003
19
US
I'm trying to send adobe pdf files to my client's browsers by transferring the pdf file using a servlet.

In the servlet, I basically set the content-type to "application/pdf", and the content-disposition to "inline; filename=test.pdf", then I set the content-length to the length of the pdf file, and write the pdf file to the response outputstream. Really straightforward, and it works great - using http.

As soon as I switch to https (this is semi-sensitive data), Internet Explorer starts to complain that there are secure and nonsecure items, and would I like to view the nonsecure items. It doesn't matter whether I select yes or no, the report still comes up just fine. BUT - I can't have my clients seeing that junk - I'd get 500 calls a day!! And they all use IE.

I've tried changing and eliminating the content-type and content-disposition, but the message remains.

Is there a fix or workaround that anyone knows of which allows me to get around this dumb MS message?

Thanks,
Jeff Owens
 
Sort by date Sort by votes
I'm just thinking out loud here, but if IE is telling you that insecure items are coming across, wouldn't that imply that the security https is offering is not being applied to the pdf mime type?

And if that's the case, you might as well just use http to send it over and eliminate the problem.

In other words, the assumtion that the pdf transmission is secure because you're using https may not be correct. You might want to investigate that aspect before you beat your head against IE.
 
Upvote 0 Downvote
Excellent thought! Thanks!

So after I read your reply, I went and ran Ethereal and grabbed the packets coming across the wire during the pdf transfer.

Odd - but relieving - they were all coming over as SSL3. Looking at the packet data revealed nothing but garbledeegook. Odd (in a good way) - in the sense that they're all encrypted, so what the heck is IE complaining about???

-jeff
 
Upvote 0 Downvote
For anyone interested in (somewhat of) a workaround...

I'm currently using a POSTed form, and a submit button, which calls the servlet that returns the pdf. IE doesn't like this - it gives the doofus "secure and nonsecure items" message.

What works is changing the html to use a link (anchor) instead - as long as the very last item on the address line ends in ".pdf". So my servlet is still getting called, and still doing the same thing, I guess its because IE sees that it's using a direct GET instead of a POSTed form???

After that I tried setting up a redirect, but it didn't work - I, again, got the complaint from IE. Oh well, for now I can live with using a link to call it - maybe make it all official looking somehow..



 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Xsi
  • Locked
  • Question
How to use arraylist from one class into another class + add data in Java 1
Replies
5
Views
667
Xsi
Xsi
mherz715
  • Locked
  • Question
Apache Tomcat and Servlet Configuration
Replies
1
Views
160
Diancecht
Diancecht
DougP
  • Locked
  • Question
Newbie Java help showing browser or screen dimenisions
Replies
3
Views
148
feherke
feherke
csphard
  • Locked
  • Question
Need help getting my first servlet to run.
Replies
0
Views
86
csphard
csphard
seema165
  • Locked
  • Question
Web Application (JSP, Servlets, Struts) Issue - Java & Tomcat Upgrade
Replies
12
Views
320
Diancecht
Diancecht

Part and Inventory Search

Sponsor

Back
Top