This week's book giveaway is in the Java in General forum. We're giving away four copies of Think Java: How to Think Like a Computer Scientist and have Allen B. Downey & Chris Mayfield on-line! See this thread for details.
Hi, We have a servlet that streams a PDF file into the ServletOutputStream of the response object. We set the content type in the header to be application/pdf. There is nothing special in the logic and there is nothing else in the response object except this stream of binary file. However, when the application is run using https connection the browser would always issue a warning message "This page contains both secure and non-secure items. Would you like to view the non-secure items?" Clicking Yes (or No!) actually displays the PDF. But why is this? Does it mean that the binary stream is not encrypted automatically if using ServletOutputStream (thus making it a non-secure item in the page)? What do we need to do to ensure that the file we send through ServletOutputStream will be automatically encrypted when viewed in an https connection? Please help. Thanks Eric
posted 14 years ago
Hi, I forgot to mention in my previous post that the problem only occurs if the request is a result of a POST method. When streaming the PDF on a GET, the problem does not occur. thanks