You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Chris Parker <cp...@cya.ca.gov> on 2002/12/09 18:10:19 UTC
RE: REPOST: SSL and setContentType() and "secure and nonsecure"
Actually, I typed the code sample below by hand off the top of my head and
it doesn't reflect reality - I accidentally changed the order of the
sequence - see code sample below...
However, I don't think that's the problem. In an obviously contrived https
servlet, I did this:
---class setup stuff---
doGet ( HttpServletRequest req, HttpServletResponse res) throws ... {
response.setContentType("application/pdf");
}
considering how little the servlet does, it's pretty much setContentType.
-----a slightly better code snippet ------
Here's the unmodified (read that as ugly) code:
try {
//Get pdf contents
response.setContentType("application/pdf");
EvalPDF epdf = new EvalPDF();
ByteArrayOutputStream baos = epdf.processEval(hm);
response.setContentLength(baos.size());
// write ByteArrayOutputStream to the ServletOutputStream
// this is a workaround for a bug in MSIE
// see http://www.lowagie.com/iText/faq.html#msie
ServletOutputStream out = response.getOutputStream();
baos.writeTo(out);
out.flush();
return;
} catch (Exception e2) {
System.out.println("Error in " + getClass().getName() +
"\n"
+ e2);
}
> ----- Original Message -----
> From: Bodycombe, Andrew <an...@siemens.com>
> To: 'Chris Parker ' <cp...@cya.ca.gov>; <to...@jakarta.apache.org>
> Sent: Monday, December 09, 2002 8:22 AM
> Subject: RE: REPOST: SSL and setContentType() and "secure and nonsecure it
> ems"
>
>
> > In earlier versions of the servlet spec, you must call setContentType()
> > before you call getOutputStream().
> >
> > Although I thought this was changed in later versions, so maybe this is
a
> > red herring.
> >
> > Andy.
> >
> > -----Original Message-----
> > From: Chris Parker
> > To: Tomcat Users List
> > Sent: 09/12/2002 16:01
> > Subject: REPOST: SSL and setContentType() and "secure and nonsecure
items"
> >
> > Greetings all,
> >
> > Apologies in advance for the blatant repost; I originally posted Friday
> > afternoon, and I'm not sure if I got lost in the 'it's Friday - let's go
> > home' shuffle or if nobody knows how/wants to help.
> >
> > ----------Original Message---------------
> >
> > No doubt there's a simple way around this, but I can't find it. I have
> > some
> > dynamic content that is being sent to the user's browser as PDF on an
> > SSL
> > enabled page. When the user goes to the page, she gets the message
> > "This
> > page contains both secure and nonsecure items."
> >
> > I've traced the problem to this method call:
> > response.setContentType("application/pdf");
> >
> > When I set the content type, I get the error message. When I don't set
> > the
> > content type, the user is prompted to download the file as an http
> > download
> > (which is obviously correct behavior). Is there another way to set the
> > header? Do I need to encode the header into the ByteArrayOutputStream
> > by
> > hand?
> >
> > -- A somewhat truncated code snippet --
> >
> > ByteArrayOutputStream baos = GoSomeplace.getPdfContent();
> > ServletOutputStream out = response.getOutputStream();
> > response.setContentLength( baos.size() );
> > response.setContentType("application/pdf"); //Causes error message
> > baos.writeTo( out );
> > out.flush();
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> >
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>