Fungovanie tejto stránky je z dôvodu údržby dočasne obmedzené. Ak článok nevyrieši váš problém a chcete položiť otázku, napíšte našej komunite podpory na Twitter @FirefoxSupport alebo Reddit /r/firefox.

Vyhľadajte odpoveď

Vyhnite sa podvodom s podporou. Nikdy vás nebudeme žiadať, aby ste zavolali alebo poslali SMS na telefónne číslo alebo zdieľali osobné informácie. Nahláste prosím podozrivú aktivitu použitím voľby “Nahlásiť zneužitie”.

Ďalšie informácie

content-disposition as attachment for HTML file downloads rendered text

  • 1 odpoveď
  • 0 má tento problém
  • 7 zobrazení
  • Posledná odpoveď od garym3

more options

I am at a loss as to why this started to happen only a few weeks ago after a years of working fine, and why it should happen at all:

given a link to an HTML file where the headers include content-disposition set to attachment and the server (NextCloud30) mistakenly setting content-type to text/plain, what downloads is not the HTML file, but a text rendering of that HTML file, which is, of course, completely useless to the purpose and makes no sense whatsoever that it should happen. Why would anyone download a file and expect to the be interpreted?

But more to the point, how do I stop this behaviour. The above link, on my home cloud so be gentle, will work just fine on Firefox/Linux, but on Firefox/Android it will download as a 7k rendering of the file, renamed with the txt extension. The link itself is just a few holiday classics in the iRealPro format, which is, sadly, and HTML file. Up until two weeks ago, I would post a link in our band group chat, band members would click the link, be asked if they should launch iReal, and then iReal would ask if they would like to import this playlist.

what happens now is I post the NextCloud public link, they click and get a landing page that correctly describes the file as 20k HTML and has that previous link as the Download button. Clicking that gets you 7k of useless text.

I can't say for certain that this is a few 'feature' of a recent Firefox update or something that was changed in a minor update to Nextcloud. I believe it may also happen on Safari, but I haven't confirmed that, all I know is the link does not work on mobile for most users.

Here are the headers that curl reports, although I don't think Nextcloud gives me any option to change these:

content-security-policy: default-src 'self'; script-src 'self' 'nonce-mgMdbHYk4V+oWScEpk7i171o4ZyKPO7IxeSXK7sI63s='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; content-disposition: attachment; filename*=UTF-8Xmas%20Market.html; filename="Xmas%20Market.html" content-transfer-encoding: binary expires: 0 cache-control: must-revalidate, post-check=0, pre-check=0 x-accel-buffering: no set-cookie: oc_sessionPassphrase=%2Fegdgxxr7IrZtmyhNVtKFUUTuaGRP97kftOGnPzaj0WDg0DTeoWnq%2BjRFrtKqQPB5lt%2B7pqIHRhLLNwXOQpErhhw8LGyV7zkmBq1lKRKVtcrqgZQTgB8iPK%2By24iPZnd; path=/; secure; HttpOnly; SameSite=Lax set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict set-cookie: ochghoy8fko5=n0ktulqqs85monimi7nm0hkqb5; path=/; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=15768000; includeSubDomains referrer-policy: no-referrer x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow x-xss-protection: 1; mode=block content-length: 20456 content-type: text/plain;charset=UTF-8 date: Sun, 08 Dec 2024 18:25:07 GMT server: Apache

I am at a loss as to why this started to happen only a few weeks ago after a years of working fine, and why it should happen at all: given [https://nas.teledyn.com/s/JtggMFbi5tPYBqT/download/Xmas%20Market.html a link to an HTML file] where the headers include content-disposition set to attachment and the server (NextCloud30) mistakenly setting content-type to text/plain, what downloads is not the HTML file, but a text rendering of that HTML file, which is, of course, completely useless to the purpose and makes no sense whatsoever that it should happen. Why would anyone ''download'' a file and expect to the be ''interpreted''? But more to the point, how do I stop this behaviour. The above link, on my home cloud so be gentle, will work just fine on Firefox/Linux, but on Firefox/Android it will download as a 7k rendering of the file, renamed with the txt extension. The link itself is just a few holiday classics in the iRealPro format, which is, sadly, and HTML file. Up until two weeks ago, I would post a link in our band group chat, band members would click the link, be asked if they should launch iReal, and then iReal would ask if they would like to import this playlist. what happens now is I post the [https://nas.teledyn.com/s/JtggMFbi5tPYBqT NextCloud public link], they click and get a landing page that correctly describes the file as 20k HTML and has that previous link as the Download button. Clicking that gets you 7k of useless text. I can't say for certain that this is a few 'feature' of a recent Firefox update or something that was changed in a minor update to Nextcloud. I believe it may also happen on Safari, but I haven't confirmed that, all I know is the link does not work on mobile for most users. Here are the headers that curl reports, although I don't think Nextcloud gives me any option to change these: content-security-policy: default-src 'self'; script-src 'self' 'nonce-mgMdbHYk4V+oWScEpk7i171o4ZyKPO7IxeSXK7sI63s='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self'; content-disposition: attachment; filename*=UTF-8''Xmas%20Market.html; filename="Xmas%20Market.html" content-transfer-encoding: binary expires: 0 cache-control: must-revalidate, post-check=0, pre-check=0 x-accel-buffering: no set-cookie: oc_sessionPassphrase=%2Fegdgxxr7IrZtmyhNVtKFUUTuaGRP97kftOGnPzaj0WDg0DTeoWnq%2BjRFrtKqQPB5lt%2B7pqIHRhLLNwXOQpErhhw8LGyV7zkmBq1lKRKVtcrqgZQTgB8iPK%2By24iPZnd; path=/; secure; HttpOnly; SameSite=Lax set-cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax set-cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict set-cookie: ochghoy8fko5=n0ktulqqs85monimi7nm0hkqb5; path=/; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=15768000; includeSubDomains referrer-policy: no-referrer x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-permitted-cross-domain-policies: none x-robots-tag: noindex, nofollow x-xss-protection: 1; mode=block content-length: 20456 content-type: text/plain;charset=UTF-8 date: Sun, 08 Dec 2024 18:25:07 GMT server: Apache
Priložené obrázky

Vybrané riešenie

While I still don't see the value in what is downloaded being rendered, I have found the solution to my problem in the Nextcloud sources where I could force .html to be text/html and not text/plain, and the file now downloads as the original HTML.

Čítať túto odpoveď v kontexte 👍 0

Všetky odpovede (1)

more options

Vybrané riešenie

While I still don't see the value in what is downloaded being rendered, I have found the solution to my problem in the Nextcloud sources where I could force .html to be text/html and not text/plain, and the file now downloads as the original HTML.

Pomohla vám táto odpoveď?

Položiť otázku

Ak chcete odpovedať na príspevky, musíte sa prihlásiť do svojho účtu. Ak ešte nemáte účet, položte novú otázku.