Rob Allen

Pragmatism in the real world

Sending a file to IE using SSL

I keep coming across this one, so I’m noting it here so I can find it again.

Internet Explorer doesn’t like certain headers related to caching when you send it a file from an SSL site. The Microsoft knowledge base article, Internet Explorer is unable to open Office documents from an SSL Web site explains the problem quite well:

When you attempt to open or download a Microsoft Office document (.doc file, .xls file, .ppt file, and so on) from a secure Web site in Internet Explorer, you may receive one of the following error messages, even though the document is available and downloaded from the server

It turns out that the problem is directly due to sending these headers:


Pragma: no-cache
Cache-control: no-cache,max-age=0,must-revalidate

So, make sure you don’t!

Incidentally, IE6 also gets upset if you set max-age to 0 and attachment to inline, so don’t do that either!

This article was posted on in PHP

Search

I'm Rob Allen, a software consultant and engineering leader, concentrating on HTTP APIs. A proponent of Open Source, I maintain rst2pdf and Slim Framework, and contribute to Apache OpenWhisk amongst other OSS projects.

I live in the UK, run 19FT and publish Daily Jotter for Mac. I am a public speaker and wrote Zend Framework in Action.

Follow

Nineteen Feet Limited logo

Books I've written

Zend Framework in Action book cover
C++Builder 5 Developer's Guide book cover