Am 2013-06-04 00:40, schrieb Jeffrey Janner:
[..]
For those who might be interested, here are the two header sets returned:

Without SSLAuthenticator:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 18:00:00 CST
Content-Disposition: attachment; 
filename=SITE_VIEW_COST_SAVING_PART_NUMBER_%26QUOT%3BQUOTES_IN_PROJ_SV%26QUOT%3B_20130603.xls;
Content-Type: application/vnd.ms-excel
Transfer-Encoding: chunked
Date: Mon, 03 Jun 2013 22:34:41 GMT

With SSLAuthenticator:
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: private
Expires: Wed, 31 Dec 1969 18:00:00 CST
Content-Disposition: attachment; 
filename=SITE_VIEW_COST_SAVING_PART_NUMBER_%26QUOT%3BQUOTES_IN_PROJ_SV%26QUOT%3B_20130603.xls;
Content-Type: application/vnd.ms-excel
Transfer-Encoding: chunked
Date: Mon, 03 Jun 2013 22:29:41 GMT

Note the only real difference is the addition of a Pragma header.  Apparently, 
this is giving IE8 and earlier fits.
Anybody know how to disable the Pragma being added without using the 
SSLAuthenticator Valve?  Or remove it?

Hi Jeff,

I have observed this stupid IE behavior a couple of years ago. Took me almost a day to figure out. Though I use an authenticator in Tomcat which sets securePagesWithPragma to false.

Have you considered searching Tomcat's source code -- or better yet writing an always-pass-through authenticator which sets this flag by default?

Michael

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to