Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

content-disposition as attachment for HTML file downloads rendered text

  • 1 trả lời
  • 0 gặp vấn đề này
  • 7 lượt xem
  • Trả lời mới nhất được viết bởi garym3

more options

I am at a loss as to why this started to happen only a few weeks ago after a years of working fine, and why it should happen at all:

given a link to an HTML file where the headers include content-disposition set to attachment and the server (NextCloud30) mistakenly setting content-type to text/plain, what downloads is not the HTML file, but a text rendering of that HTML file, which is, of course, completely useless to the purpose and makes no sense whatsoever that it should happen. Why would anyone download a file and expect to the be interpreted?

But more to the point, how do I stop this behaviour. The above link, on my home cloud so be gentle, will work just fine on Firefox/Linux, but on Firefox/Android it will download as a 7k rendering of the file, renamed with the txt extension. The link itself is just a few holiday classics in the iRealPro format, which is, sadly, and HTML file. Up until two weeks ago, I would post a link in our band group chat, band members would click the link, be asked if they should launch iReal, and then iReal would ask if they would like to import this playlist.

what happens now is I post the NextCloud public link, they click and get a landing page that correctly describes the file as 20k HTML and has that previous link as the Download button. Clicking that gets you 7k of useless text.

I can't say for certain that this is a few 'feature' of a recent Firefox update or something that was changed in a minor update to Nextcloud. I believe it may also happen on Safari, but I haven't confirmed that, all I know is the link does not work on mobile for most users.

Here are the headers that curl reports, although I don't think Nextcloud gives me any option to change these:

content-security-policy: default-src 'self'; script-src 'self' 'nonce-mgMdbHYk4V+oWScEpk7i171o4ZyKPO7IxeSXK7sI63s='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; content-disposition: attachment; filename*=UTF-8Xmas%20Market.html; filename="Xmas%20Market.html" content-transfer-encoding: binary expires: 0 cache-control: must-revalidate, post-check=0, pre-check=0 x-accel-buffering: no set-cookie: oc_sessionPassphrase=%2Fegdgxxr7IrZtmyhNVtKFUUTuaGRP97kftOGnPzaj0WDg0DTeoWnq%2BjRFrtKqQPB5lt%2B7pqIHRhLLNwXOQpErhhw8LGyV7zkmBq1lKRKVtcrqgZQTgB8iPK%2By24iPZnd; path=/; secure; HttpOnly; SameSite=Lax set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict set-cookie: ochghoy8fko5=n0ktulqqs85monimi7nm0hkqb5; path=/; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=15768000; includeSubDomains referrer-policy: no-referrer x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow x-xss-protection: 1; mode=block content-length: 20456 content-type: text/plain;charset=UTF-8 date: Sun, 08 Dec 2024 18:25:07 GMT server: Apache

I am at a loss as to why this started to happen only a few weeks ago after a years of working fine, and why it should happen at all: given [https://nas.teledyn.com/s/JtggMFbi5tPYBqT/download/Xmas%20Market.html a link to an HTML file] where the headers include content-disposition set to attachment and the server (NextCloud30) mistakenly setting content-type to text/plain, what downloads is not the HTML file, but a text rendering of that HTML file, which is, of course, completely useless to the purpose and makes no sense whatsoever that it should happen. Why would anyone ''download'' a file and expect to the be ''interpreted''? But more to the point, how do I stop this behaviour. The above link, on my home cloud so be gentle, will work just fine on Firefox/Linux, but on Firefox/Android it will download as a 7k rendering of the file, renamed with the txt extension. The link itself is just a few holiday classics in the iRealPro format, which is, sadly, and HTML file. Up until two weeks ago, I would post a link in our band group chat, band members would click the link, be asked if they should launch iReal, and then iReal would ask if they would like to import this playlist. what happens now is I post the [https://nas.teledyn.com/s/JtggMFbi5tPYBqT NextCloud public link], they click and get a landing page that correctly describes the file as 20k HTML and has that previous link as the Download button. Clicking that gets you 7k of useless text. I can't say for certain that this is a few 'feature' of a recent Firefox update or something that was changed in a minor update to Nextcloud. I believe it may also happen on Safari, but I haven't confirmed that, all I know is the link does not work on mobile for most users. Here are the headers that curl reports, although I don't think Nextcloud gives me any option to change these: content-security-policy: default-src 'self'; script-src 'self' 'nonce-mgMdbHYk4V+oWScEpk7i171o4ZyKPO7IxeSXK7sI63s='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; content-disposition: attachment; filename*=UTF-8''Xmas%20Market.html; filename="Xmas%20Market.html" content-transfer-encoding: binary expires: 0 cache-control: must-revalidate, post-check=0, pre-check=0 x-accel-buffering: no set-cookie: oc_sessionPassphrase=%2Fegdgxxr7IrZtmyhNVtKFUUTuaGRP97kftOGnPzaj0WDg0DTeoWnq%2BjRFrtKqQPB5lt%2B7pqIHRhLLNwXOQpErhhw8LGyV7zkmBq1lKRKVtcrqgZQTgB8iPK%2By24iPZnd; path=/; secure; HttpOnly; SameSite=Lax set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict set-cookie: ochghoy8fko5=n0ktulqqs85monimi7nm0hkqb5; path=/; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=15768000; includeSubDomains referrer-policy: no-referrer x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow x-xss-protection: 1; mode=block content-length: 20456 content-type: text/plain;charset=UTF-8 date: Sun, 08 Dec 2024 18:25:07 GMT server: Apache
Đính kèm ảnh chụp màn hình

Giải pháp được chọn

While I still don't see the value in what is downloaded being rendered, I have found the solution to my problem in the Nextcloud sources where I could force .html to be text/html and not text/plain, and the file now downloads as the original HTML.

Đọc câu trả lời này trong ngữ cảnh 👍 0

Tất cả các câu trả lời (1)

more options

Giải pháp được chọn

While I still don't see the value in what is downloaded being rendered, I have found the solution to my problem in the Nextcloud sources where I could force .html to be text/html and not text/plain, and the file now downloads as the original HTML.

Hữu ích?

Đặt một câu hỏi

Bạn phải đăng nhập vào tài khoản của bạn để trả lời bài viết. Vui lòng bắt đầu một câu hỏi mới, nếu bạn chưa có tài khoản.