Main Area and Open Discussion > General Software Discussion

server-side configuration Open to View PDFs in browser not download them

<< < (3/4) > >>

Stoic Joker:
As this is a temporary committee formed for only this one purpose, they are most likely using laptops drawn from a company "equipment pool" While they "could" just be told be told to make new rules about completely cleaning all files and folders from each laptop after every meeting anyway (something I would have advised doing anyway as a matter of course)  It isn't how things have been done before.-questorfla (March 03, 2016, 09:20 PM)
--- End quote ---


Ding! Ding! Ding!!! We have a Winner!!!

Seriously, this should be a totally carved in stone policy for any company controlled equipment/data. Part of what we do as an MPS (Managed Print Services) provider is to lease printers to clients that need high-end printing equipment for variable periods of time. Most of the devices have Send-2-X networking features that require usernames, passwords, address books, etc... to do said task. So there is potential for much sensitive info to be gleaned from the device if one knows how to extract it. This is why we have a carved in stone policy of enabling the security encryption on these devices and wiping them when they're returned. From anywhere, for any reason. Data should never be left on a machine...ever.


One other thing that comes to mind, is that your issue of auto downloaded files sounds much like a - completely client side - browser configuration issue. The type of issue that would never have existed in the first place if you had a proper domain...that allowed you to enforce configuration restriction policies on company (should be) controlled equipment. You may want to consider looking into a - Cloud Based - Intune/Azure AD solution that affords you the ability to control what happens to your companies information on both company controlled and BYOD equipment. That would show management some value because you could flatten a device remotely as they were using it to demonstrate the advantage of having truly and properly centralized administration available.

skwire:
Folks, are we certain this isn't a server-side MIME type issue?

Typically, PDFs have a server-side content-type of application/pdf which browsers can recognise and choose to display said PDF within the browser.  However, if PDFs are set as a content-type of application/octet-stream, most browsers would then simply download the file.  At any rate, it's something worth checking out and you should be able to see if this is the problem by looking at the headers returned in the links you're using for the PDFs.

wraith808:
Folks, are we certain this isn't a server-side MIME type issue?

Typically, PDFs have a server-side content-type of application/pdf which browsers can recognise and choose to display said PDF within the browser.  However, if PDFs are set as a content-type of application/octet-stream, most browsers would then simply download the file.  At any rate, it's something worth checking out and you should be able to see if this is the problem by looking at the headers returned in the links you're using for the PDFs.
-skwire (March 04, 2016, 09:43 AM)
--- End quote ---

But if it changed suddenly, then the mime type shouldn't have changed- but it's worth checking.  Good catch, skwire!

questorfla:
hanks Skwire and I did bring that up to the webdesigners.  The reply was "We have not made any changes to anything".  Along with ...
"This must be something (you) changed on the hosting servers".  Again, as far as I know, "NO one" did anything to anything.  All was well until one day it wasn't.  I was informed just a few days ago and started looking into it so I can't even say for sure how long it has been happening.

But I am very sure of what once happened and this isn't it.

RE: "  ...However, if PDFs are set as a content-type of application/octet-stream.."  there are statements to the exact opposite to prevent them from downloading unless Apache has changed the manner in which it is supposed to be stated.  However, I think you are on the right track. Something along these lines is exactly what is happening if I can only figure out why and when it began.

BUT!  In the process, if I could find a better way that offered more control over the documents themselves it would certainly be a "Bonus".  This has always been a problem even when it worked properly.  The original idea of buying ADOBE Acrobat was a waste before we even got it.   The "crack" programs for all the ADOBE "file-locks" are FREE. 

The applications I looked at a couple of years ago to handle server-side viewing control were either only available if you used that particular  company's web hosting or so expensive and complicated as to make it not feasible for our needs.  Maybe there are better ways now and i should do some research on current methods.

Something that could do both (or multiple products if necessary) would be an even better solution as there are times that we would want specific people to be able to download the files but would like to be able to control further dissemination of them to other systems or other people

questorfla:
If i could get Xpdf into the sites display module correctly and if I have interpreted what it does and why, that should solve the problem.  Maybe. 
Either way, I have now dipped into Dark Waters as far as I am concerned.  Adding the viewer into the site even if it works is beyond anything I can do.   And Xpdf was the simplest embeddable viewer i could find. 
As there are no cases where the pdf files would ever be downloaded it would be fine if they Always displayed and had no option to download at all.

Navigation

[0] Message Index

[#] Next page

[*] Previous page