Login/Register
"download link " fails in IE
Asked Answered
Solved pythoninternet-explorerweb2py
H

3

6

I was trying to implement a "download link" and put it beside one of my report table so that users can download a csv file and open it with applications like Excel.

The records are generated dynamically based on the query made by users.

So somewhere in my controller there's something like:

response.headers['Content-Type'] = 'text/csv'
response.headers['Content-Disposition'] = 'attachment; filename=xxx.csv'
return response.stream(dynamically_generated_csv, request=request)

This works in both FireFox & Chrome, but fails in IE.

When I print out the response headers, I found that several headers were added to my response by web2py:'Expires', 'Cache-Control', etc...

And when I remove the 'Cache-Control' header by doing the following:

del response.headers['Cache-Control']

It works in IE.

So it seems like IE has trouble dealing with a downloadable file with 'Cache-Control' set to certain value.

Now, my question is:

  • Why does web2py add these response headers, implicitly? and maybe without a way to set it off?

  • is there any side effect when i delete the 'Cache-Control' header this way?

Thanks in advance.

Hexahedron answered 4/1, 2010 at 14:45 Comment(6)
This is a known defect in certain versions of IE: support.microsoft.com/kb/323308Mcinerney
When I was using Django, the response headers are just those that I set explicitly; however, in the case of web2py, it added response headers without the developers' knowledge, so I think maybe this is not a good design for a framework, it cost people time to find out what's happening under the hood.Hexahedron
When serving static files, web2py sets cache headers to make sure your browser does not requests files it already has and have not changed on the server. When serving dynamic content web2py makes sure the browser does not cache it (this is your case I believe). The philosophy of web2py is different from that of other frameworks. It tries to do for you as much as possible so that you do not have to learn howto (in this case how to manage browser cache). As it has been pointed out the problem is an IE bug. I will bring this up on the web2py mailing list and discuss it with other developers.Chur
I think this essay may be helpful to avoid this bug of IE: joseph.randomnetworks.com/archives/2004/10/01/…Hexahedron
Interesting. The suggested solution (way round IE bug) consists of replacing headers['Cache-Control'] = 'private' with headers['Cache-Control'] = 'public'. If we do this proxy servers may decide to cache pages and that may break some dynamic app. Changing cache from private by default to public by default also has security implications. Anyway, will look more into this. Thanks.Chur
What is the FULL set of headers that are returned on this response?Antipathy
F
5

I'm not sure what Cache control headers are/were being sent but IE has a bug with downloaded files like you are experiencing.

For IE, you MUST enable caching. When IE loads files (e.g. Excel files), in Excel, it loads them from the cache directory, thus if you don't cache it, Excel (or your other app) will fail to load the file.

Eric Law (MSFT) on the topic: http://blogs.msdn.com/ieinternals/archive/2009/10/02/Internet-Explorer-cannot-download-over-HTTPS-when-no-cache.aspx

Update: If however you just want to force the download... e.g. not have IE load the excel file inside the IE window... then be sure to set the full headers for the attachment.

//PHP style
header('Content-Type: application/vnd.ms-excel');
header('Content-Disposition: attachment; filename="downloaded.pdf"');
Fretted answered 4/1, 2010 at 15:10 Comment(3)
Thx for your explanation. But I think this may not be the same problem I encountered. I explicitly set 'Content-Disposition' to 'attachment' and I think this will, hopefully, prevent the file from being opened even in IE.Hexahedron
Even more problematic than the cache control headers, and as mentioned in Eric's blog entry, is the fact that security-conscious people like to enable the Internet Explorer option Do not save encrypted pages to disk which is not restricted to caching but totally prevents saving any file from SSL-enabled sites to disk. Defective by design.Gavrilla
Satoru - did modifying the content-disposition work? I'm experiencing the same problem at the moment.Coston
R
2

Is the download link using https (ssl)? If so, then IE can't handle the downloading if it's set to be cached. This is a known problem with IE.

Retractor answered 4/1, 2010 at 15:4 Comment(0)
A
0

This doesn't answer your question, but solves, I hope, original problem.

I would just add timestamp (something unique enough) to query string of link to CSV file. It helped for me.

Agranulocytosis answered 4/1, 2010 at 14:56 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.