jsp refers to an PDF streaming servlet - security question -

-

somewhere behind our firewall sits server full of pdfs. pdfs contain private information need restrict access pdfs. public can log in our web site , request pdfs.

our software went production recently. we're redirecting them pdf server's url. fails because public can't access our pdf server. thing though have preferred prove before launch.

i wrote pdf servlet stream pdf users' browsers. our jsps refer servlet using <object> html tag. prototype works fine.

i don't want world have direct access servlet since fiddle url , inappropriately grab pdf.

now, finally, questions. can jsp refer pdf servlet if servlet behind firewall? pdfs display in-line? users "save?" dialog box?

can jsp refer pdf servlet if servlet behind firewall?

the pdf request counts separate http request. servlet has no idea if behind firewall or been called jsp. safest approach check presence of user credentials in either http headers or in http session.

will pdfs display in-line? users "save?" dialog box?

that depends on presence of content-disposition header and/or browser's configuration. if header absent or explicitly set inline , browser supports content type specified in content-type header, displayed inline, otherwise ask it: open in application or save it. if header set attachment, depends on browser config. default, should pop save as dialog, user may have configured browser open in external application instead.


Comments

Post a Comment

Popular posts from this blog

ASP.NET/SQL find the element ID and update database -

-
basically i've got update query runs when click submit button. i have asp:repeater in page layer inside this <asp:repeater id="dgbookings" runat="server" onitemdatabound="itemdb"> <itemtemplate> <div class="bookingscontent"> <div class="bookingdetails" id="<%# databinder.eval(container.dataitem, "booking_ref") %>"> <p class="infotext"><%# databinder.eval(container.dataitem, "adults") %> <asp:linkbutton onclick="editdetails" text="edit..." runat="server"></asp:linkbutton></p> <p class="infotext"><asp:linkbutton onclick="submitdetails" text="submit..." runat="server"></asp:linkbutton></p> </div> </div> </itemtemplate> <asp:repeater> and outputs ...
Read more

jquery - appear modal windows bottom -

-
i have modal windows in application, work fine <div id="modal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="mymodallabel" aria-hidden="true"> but when modal appears, appear top of windows, , want appear bottom the application joomla 3.0! , using template of meet gavern any idea? i found solution i modified de css in bootstrap .modal.fade { top:-25%; -webkit-transition:opacity .3s linear, bottom .3s ease-out; -moz-transition:opacity .3s linear, bottom .3s ease-out; -ms-transition:opacity .3s linear, bottom .3s ease-out; -o-transition:opacity .3s linear, bottom .3s ease-out; transition:opacity .3s linear, bottom .3s ease-out; }
Read more

c++ - Compiling static TagLib 1.6.3 libraries for Windows -

-
i having super hard time compiling , using taglib 1.6.3 in qt project. i've tried can think of. taglib claims supported through cmake i'm not having luck. furthermore, i'm confused kinds of files need qt libs! i've built *.a files, *.lib, , *.dll. understand far... believe since i'm working in windows *.lib want. no matter do, end "undefined references" taglib functions try use when try compile qt project. have tried mingw32, msys, visual studio 2008, , cross-compiling windows on linux. turning nothing. what makes less sense me if compile same taglib source qt on mac (g++ think?) works fine! somewhere in windows compilation procedures have going wrong. have been smacking face on desk 30 (on , off) hours trying figure out. since qt uses mingw must compile taglib same compiler? if compile *.lib's visual studio not compatible? are *.a libraries usable in windows? (assuming mingw) i'm still trying handle on c++ stuff, after reading coun...
Read more