I've looked around online for this but can't seem to find an answer anywhere so hopefully someone can help.
I'm getting a "Windows Security" popup appearing on a site I've created (and so are others which is who I need to fix it for rather than myself) when trying to download a word document or excel file. PDFs seem fine.
An example page is http://www.christletonhigh.co.uk/school_information/uniform.php if you click to download the “Uniform Prices & Order Form” in the bottom right.
There’s no SSL on the site and the error only comes up on IE (I'm using IE9 on Windows 7 which I've seen others mentioning online as their setup with this happeneding) and doesn’t seem to effect all files so it’s a bit confusing. Clicking cancel on the popup causes the document to open anyway.
Anyone have any ideas please? The client tells me that the documents causing the problems have never been password protected.
For the reference, here's the detailed explanation why this happens: http://support.microsoft.com/kb/2019105
Solution mentioned by Anshuman should work: create script that adds "Content-Disposition" header with "attachment" value. For example: Content-Disposition: attachment; filename="myfile.doc". This will force all the content (including PDF, images, etc.) to be downloaded.
Security settings aside, other browsers seem to handle this more gracefully than IE9. Chrome, for example, seems to handle the download of the document with ease, and not result in a Windows Security dialog prompting for credentials to their network...
The users can disabled the 'protected view' settings from Word options | Trust Center, and the document will open with no dialog (probably not desirable to instruct them to do this)
I suppose this is the risk one takes when having users download content which require other applications to handle. a PDF would be better (hence the "P" for "Portable"), so if they can use PDF, that would be my first advice.
This issue comes when you give the direct URL path of the file and let the browser handle the file. To resolve this create a php script that explicitly downloads the file. Hope this helps :)
Related
Malware Search.sidecubes has affected by mozilla firefox
Using google, I uninstalled all programs which could be related to searchcubes, further I deleted all add-on's and also checked regedit, about:config, checked folders in ../users/appdata/local/mozilla etc etc. I managed to get rid of search.sidecubes getting set as homepage.
But now even after selecting google as default search option (including about:config page), whenever I search anything in search toolbar of firefox it always redirects to search.sidecubes instead of Google.
same issue is also happening in google chrome
I'm not sure your question is well suited for SO. Anyway, Mozilla SUMO has a nice support guide about how to deal with malware on Firefox.
Some suggestions extracted from that page:
If you're executing Firefox from a link, make sure the link does not contain any undesired command line option.
Use the SearchReset addon to clean up your default page and reset settings.
Scan using Malwarebytes Anti-malware free.
I use Firebug for web development. Since version Firefox 37 I see the following annoying message in my console:
This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1"
I understand that it is an important message, but it is duplicated many times and makes my work almost impossible.
Moreover, it appears every time my page communicates with other pages, for example with Google Analytics and other counters. So if I were to update my certificate, this message would still appear because these sites would have SHA-1.
So any site with GA gives me trouble.
How can I disable or filter this message?
As stated in the Firebug discussion group, Firebug's Console panel currently (Firebug 2.x) cannot filter single messages out. You can only filter by messages matching a specific text using the search field.
There are enhancement requests like issue #4507 reported to add such a filter, though it is unlikely that this will get implemented in Firebug, especially not in version 2.x, directly.
Firebug 3 will integrate into the built-in DevTools, which allow you to filter those warnings by unchecking Warnings within the Security menu inside the Console panel:
Besides that I created bug 1170476 asking to reduce the messages to a minimum.
Update:
Firebug development is discontinued. Instead, there is a Firebug theme available within the Firefox DevTools starting from Firefox 48. Bug 1170476 is fixed since Firefox 42, so you will only see one message logged with a counter showing how often the message occurred.
you can get rid of the message, but you have to modify firebugs code.
Sorry forgot to mention you need to convert the .xpi to .zip and extract the files first. You can leave the folder as is when done or zip it and convert it to an xpi again. You will need to restart Firefox.
locate the pluggin in your firefox profile dirctor and go to this file "\extensions\firebug#software.joehewitt.com\content\firebug\console\errors.js".
search for "logScriptError: function(context, object, isWarning)".
After the code "var error = new ErrorMessageObj(object.errorMessage, object.sourceName, object.lineNumber, object.sourceLine, category, context, null);".
input the following code:
if(error.message.indexOf('SHA-1') != -1 || error.message.indexOf('Security Policy') != -1){
return false;
}
should be about line 330.
Select the Console tab and, keeping pressed Ctrl on the keyboard, click on Errors, Info, Debug Info, Cookies.
Bear in mind that this will disable the output of all the warnings logged in Firebug and not only the ones generated by googleapis.
Remove HTTPS from the URL or keep all resources local.
I am using HTML and CSS, and willing to use a very simple JavaScript code if necessary.
I uploaded ResumeWord.doc and ResumePDF.pdf to the FTP. I created links for "View" "Download" and "Print" for each. ResumeWord.doc only seems to give me a pop-up with options to Open or Save instead of opening in the browser, while I was able to open ResumePDF.pdf in the browser but not create a clickable link to download it without viewing. I have tried the HTML target_blank and JavaScript window.open for the "View", unsuccessfully. I am self-taught and an amatuer.
How can I make the "View" link open ResumeWord.pdf in the browser without a pop-up?
How can I get ResumePDF.pdf to download when the user clicks "Download"?
Without some help, the browser won't assume that a user has Microsoft Word installed on their computer. That is why you only get the option to save it, rather than it opening.
The PDF, however, is something that can be viewed in-browser, and the browser can check if the right files are installed to make this happen. So if they are, the browser goes ahead and opens the file.
As for forcing the browser to open a word file, see this SO question.
And as for forcing a download of a PDF, see this SO question. It may not be possible, in your case, as the solution involves sending different server-side headers.
I have a fresh installation of Liferay on Tomcat and in IE7 it doesn't show the buttons for visual editing in the editor when I try to edit content.
It works on in Firefox or Chrome.
Does anyone have an idea why would that happen? I am not sure where to dig, I don't see javascript exceptions and it doesn't look like the buttons are even populated in IE. It is hard to debug IE problems since I don't have a tool like Firebug there.
I downloaded the 6.1 and still have the same problem, adding the URLs of what I see. Looks like IE only has the text box and in the DOM I don't see the same things that I see in FF.
http://i44.tinypic.com/35jf5td.jpg
http://i43.tinypic.com/11qqvt0.jpg
Update on this:
I checked with some people in our organization and they have the buttons on their browser.
I checked the version of the IE browser and it's the same down to the last digit. Properties are the same as well. The only difference is that I have some plugins installed that the other browser doesn't. I tried disabling all the plugins but it didn't help.
The suspect plugin is Google Chrome Frame (ChromeFrame BHO). Can someone please try to add this plugin and see if it messes things up? The disabling it doesn't help.
Liferay CE 6.0 contains few bugs within the WYSIWYG editor integration.
One issue with IE is LPS-16004 (solution included). This might be the same problem as you are experiencing.
I remember we had also problem with javascript race condition in editor initialization, which sometimes loads the editor incorrectly.
But I strongly suggest you to move to Liferay CE 6.1 as it is much more stable.
Ok, I finally figured it out, so if someone has the same problem, here is the reason - we have Google Chrome Frame plugin installed in our organization, but it only works on white-listed domain names. In this case the domain the site was on wasn't whitelisted, but the portal looked at the agent string and saw chromeframe there and assumed it can use it as chrome browser, which broke things.
Right now I will try to white-list the domain and see if it works. Another solution would be to try and find a place where we look for the agent string and fix it there, not sure where this place is.
I'm wondering if there's any way to have Firefox 3 (or IE 7 or safari 3.1 or Opera) flag that a redirect has occurred (i.e. any deltas between the hyperlink or URL entered into address bar, and the page you land on), whether you've arrived from a hyperlink or entering URL into address bar.
I've googled some, looked at the linker addon, but the rightclick is an additional step I don't want to have to do.
Edit: If anybody can point me at the mozilla docs that show how to track clicked links and pages landed on in different tabs, i'll take a crack at writing a bookmarklet. TIA
I don't think this will help, since you don't want to do the right click for the linker add-on, but if I needed to do know if I was being redirected, I would use the LiveHTTPHeaders extension. It supports regular expressions, so you can only get headers that include 'Location'.
The reason I don't think it is what you are looking for is that you have to open it before the link, it won't "flag" a redirect and pop a message up or anything.
Not sure if that's exactly what you need, but the NoRedirect extension seems to be related to your problem. Quoting it's description:
NoRedirect lets the user take control of HTTP redirects. It can be used to interdict an ISP's DNS search redirection hijacks, preview/screen "shortened" URLs (e.g., TinyURL), stop the annoying redirection of "smart" error pages, etc.
If that's not what you wanted, looking into the extension's code might at least help you find some hooks for your proposed bookmarklet.