LT   EN   RU  
Monday 26 October 2020 Straipsniai.lt - Independent and informative portal
Home
Phorum
Contacts
Login
Register   Login
News subscribe
Subscribe   Unsubscribe
Partners
www.slaptai.lt www.gamezone.lt
www.penki.lt www.hakeriai.lt
   
   
Advertising
Statistic
Visits since 2002 09 12 - 66992665
Pages in Straipsniai.lt: 40735
  
  Computers > Computer technologies > Security > SSL certificates
Lankomumo reitingas Print version Print version
Internet Explorer, SSL and binary data

I have encountered a strange problem when straming binary data over SSL using PHP (php 4 as apache module). The user is able to surf SSL pages (html, inline images, assets like styles) which get delivered and isplayed correctly.

However, in some places i need to check authentity of the user before streaming data. This means, that the script itself will have to read the file and srteam it out to the client.

In this case, php will add some headers which will prevent IE 5+ to read the data (for wahtever reason).

the following headers will tell IE to not cache the data (which is a good idea on dynamicly created content). IE will also prevent saving data to the local hard drive (however):


Cache-Control:no-store, no-cache,must-revalidate, post-check=0, pre-check=0Pragma: no-cache
the no-cache and no-store must be overriden with a header() function to make the document storable in IE.

This is what i came up with after some fiddling:

HEADER('Expires: '.date("r", time()-60*60*4));
HEADER('Last-Modified: '.date("r",time()-60*60*4));
HEADER("Etag: \"" . md5(implode("", file($location))).'"');
HEADER("Accept-Ranges: bytes");
HEADER('Content-length: ' .filesize($location));
HEADER('Content-type: '.$oMime->mime_contenttype($location));
HEADER('Content-disposition: attachment; filename="'.$file.'"');
HEADER("Cache-Control: must-revalidate, post-check=0,pre-check=0");
HEADER("Pragma:");

The ETag part seems to be important for some IE Versions. this is just an md5 sum of the file. Note, the md5 sum must be enclosed in quotes.

            
Lankomumo reitingas

Diskusijos - Discusions

Print version - Print version

Atgal
Random tags:    Blow-ups (2)    Beer (10)    Chess (10)    Feng Shui (14)    Transport (54)    Open source (9)    UFO (39)    Telecomunication (40)    Films (10)    Travels (2)    Monitors (10)    Software (11)    Modems (2)    Aquariums (28)    Laptops (10)    Cryptography (10)    Animals (65)    Medicine (5)    Computer games (64)    E - commerce (10)    Science (163)    Security (22)    Economics2 (2)    SSL certificates (10)    Gymnastics (9)    Geology (4)    Paintball (10)    Physics (5)    Hardware (43)    Ecology (10)    Religion (34)    History (4)    Love (48)    Astronomy (11)    Mysticism 2 (3)    Communication (38)    Prose (11)    Philately (8)    Krishnaism (10)    Cats (14)    Vampire (6)    Sport (81)    Martial arts (7)    Automobiles (10)    Hobby (25)    Photography (3)    Aviculture (2)    Egypt (43)    Countries (43)    Kisses (13)
1. Introduction to SSL certificates
2. Where should I get my SSL Certificate?
3. What is SSL? And how can I use it?
4. MIDP Application Security 2: Understanding SSL and TLS
5. What is SSL (the "little padlock")?
6. What is SSL?
7. RSA Security and GeoTrust Announce Strategic Partnership to Offer Digital Certificate Solutions
8. How do I generate a Certificate Signing Request (CSR) for my web server?
9. SSL toolkit flaw poses risk
1. MIDP Application Security 2: Understanding SSL and TLS
2. How do I generate a Certificate Signing Request (CSR) for my web server?
3. What is SSL?
4. Where should I get my SSL Certificate?
5. RSA Security and GeoTrust Announce Strategic Partnership to Offer Digital Certificate Solutions
6. Introduction to SSL certificates
7. What is SSL? And how can I use it?
8. SSL toolkit flaw poses risk
9. What is SSL (the "little padlock")?
Map