You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fop-users@xmlgraphics.apache.org by John Burgess <jo...@riskdecisions.com> on 2004/08/02 12:02:42 UTC
Re: created pdf via FOP, try to load via https and get unsafe ActiveX control msg
Robert
I started having a similar problem on my nt4 sp4 box - to display pdf files
I had to save them to disk and then open them. Some googling eventually
gave the information that the most likely cause was to high a version of one
of the activex dlls (unfortunately I can't remember which) and there was a
microsoft technet article on how to re-install the correct one.
Another point is that making the generated reports or invoices etc available
in a published folder isn't very secure. At some point you will need a job
to delete all the pdf files and of course a hacker can try out different pdf
file names in the url until they luck into seeing their rivals invoices
etc..
Instead you should set the mime type to application/pdf (I think - you'll
need to check that as I'm away from my dev machine) and just stream the pdf
file down the line. You can then delete immediately you've streamed it - or
if you're really slick you can probably cut out the saving of a file
altogether and just pass a suitable stream to fop to output into.
John
----- Original Message -----
From: <Ro...@VerizonWireless.com>
To: <fo...@xml.apache.org>
Sent: Friday, July 30, 2004 6:06 PM
Subject: created pdf via FOP, try to load via https and get unsafe ActiveX
control msg
> hi all, I am creating pdfs via FOP, they look awesome!!!
>
> I really like FOP and appreciate all the hard work that went into it,
anyhow
>
> the pdfs are stored in tomcat webapp, I unabled https and try to hit a url
> like
> https://box:8443/rss/reports/BillInvoice.pdf
>
> in mozilla, I pops right up, wish our company would make mozilla the
> standard :-(
>
> in IE I get
>
> "This page provides potentially unsafe information to an ActiveX control.
> Your current security settings prohibit running controls in themanner. As
a
> result, this page may not display correctly."
>
> and of course they do not display at all, just a blank page pops up. LOL
>
> I cannot ask users to change settings in IE cause the company has locked
> down
> the desktops in thier anal-ness
>
> is there ActiveX in the resultant pdf FOP generated?
>
> I am real weak when it comes to MS crap and especially ActiveX so not sure
> whats happening here
>
> any help would be appreciated
>
> thanks
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: fop-user-unsubscribe@xml.apache.org
> For additional commands, e-mail: fop-user-help@xml.apache.org
>
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.729 / Virus Database: 484 - Release Date: 27/07/04
---------------------------------------------------------------------
To unsubscribe, e-mail: fop-user-unsubscribe@xml.apache.org
For additional commands, e-mail: fop-user-help@xml.apache.org