You are here: Foswiki>Tasks Web>Component>XSendFileContrib>Item14958 (20 Oct 2020, MichaelDaum)Edit Attach

Item14958: work around bug in PDF.js not being able to authenticate partial downloads

pencil
Priority: Enhancement
Current State: Closed
Released In: n/a
Target Release:
Applies To: Extension
Component: XSendFileContrib
Branches: master
Reported By: MichaelDaum
Waiting For:
Last Change By: MichaelDaum
See also https://blog.foswiki.org/Blog/WorkingAroundANastyBugInPDFJs

There is a nasty bug in PDF.js - which is part of any browser-based PDF reader as shipped with all sorts of chrome based browsers - that it cannot read large pdf files that need authentication. The PDF.js reader and web servers exchange chunks of large files being split up in parts as the user continues to read the file.

When resuming these partial downloads, PDF.js fails to authenticate again against the web server. I.E. it does not send any cookie information the way it did with the initial chunk. Thus Foswiki will reject to deliver the rest of the PDF as it seems to be queried by the unauthenticated default user.

This can only be mitigated on the server side by disabling partial downloads for large PDFs.

The new version of XSendFileContrib allows to configure different (internal) locations for each filetype to be served. So partial downloads may still be in place streaming movie files and the like, but being disabled for PDFs.

A full example of an NGINX config will look something like this: 

# no auth required for system assets such as css and js
location ~ ^/pub/(System|Applications)/ {
  root /path/to/foswiki;
  expires 12h;
  gzip_static on;
}

# require auth for any other static file
location /pub {
  rewrite ^/pub/(.*)$ /bin/xsendfile/$1;
}

# default internal location 
location /protected_files {
   internal;
   alias /path/to/foswiki/pub/;
}

# internal location for pdf but
# disable Accept-Ranges header as it breaks cookie authentication with pdf.js
location /protected_files/pdf {
   internal;
   alias /path/to/foswiki/pub/;
   max_ranges 0;
}

Foswiki can then be configured to serve respective filetypes from their internal web server location: 

$Foswiki::cfg{XSendFileContrib}{Location}= "/protected_files";
$Foswiki::cfg{XSendFileContrib}{Locations}{pdf}= "/protected_files/pdf";

-- MichaelDaum - 20 Oct 2020

 

ItemTemplate edit

Summary work around bug in PDF.js not being able to authenticate partial downloads
ReportedBy MichaelDaum
Codebase
SVN Range
AppliesTo Extension
Component XSendFileContrib
Priority Enhancement
CurrentState Closed
WaitingFor
Checkins XSendFileContrib:6bd6bbe1e760
ReleasedIn n/a
CheckinsOnBranches master
trunkCheckins
masterCheckins XSendFileContrib:6bd6bbe1e760
ItemBranchCheckins
Release02x01Checkins
Release02x00Checkins
Release01x01Checkins
Edit  | Attach | Print version | History: r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r1 - 20 Oct 2020, MichaelDaum
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy