CAUTION: Malformed PDF files through HTTPS sites because of browser setting

Discussion in 'other software & services' started by BoerenkoolMetWorst, Jan 4, 2013.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Over the last few years I occasionally got asked for help from friends and family because they couldn't open or download PDF's from certain HTTPS sites. When trying to open it showed up with different filename(for example instead of document.pdf it would be documen~1_pdf or something like that) and when saving the file to disk only a *random number*.part file would show up. I've never been able to find the root of the problem. Recently my stepfather was trying to download banking statements from online banking as PDF files and had the same error, so he called the bank's helpdesk and they had been troubleshooting with him for a few hours, they asked several IT guys as well, but they couldn't fix it so in the end they gave up and they send the statements on paper via regular mail. I have now finally discovered that this is caused by disabling saving encrypted pages to disk cache. As caching content from encrypted pages is generally deemed insecure it is advised to disable in several hardening guides and some security suites with privacy/securit wizards like Kaspersky do it as well. Not all sites are affected so perhaps the affected ones offer the PDF's in a non-standard way or have sloppy coding or something like that, but restoring the setting to default definitely fixed it. In conclusion, it is not advised to change this on PC's of 'normal' users and I would advise guides and software to give a warning to inform the user when disabling it.
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    You don't seem to mention anything about your setup.
     
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ BoerenkoolMetWorst

    Re - *random number*.part file etc

    I only occasionally see that remain, if for some reason it fails to Fully download. As PDF's are downloading, especially large ones, i'll see that until completed. I "think" it's normal !

    Re - disabling saving encrypted pages to disk cache.

    Do you mean, due to that setting in IE Options ? I have mine set like that, but don't use IE anymore. What browser was used ? Try a different one

    I save ALL downloads to my desktop, or a folder on my DT.

    I'm on XP/SP2
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,702
    Those ~ names are short names, nothing special.
    In general, if you tinker, problems will occur.
    Mrk
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, that would be the reason why the download was failing. For those not knowing, Internet Explorer has an option that will allow you not to save encrypted pages to disk, and if enabled you won't be able to download files from encrypted pages.

    I hope I'm not wrong, but there was someone who alerted for this sometime ago in another thread, as well.

    Bottom line is: Never enable/disable anything you're not familiar with, and mostly never do it because someone says it's OK, because most of the times* they're just plain stupid people with nothing better to do with their own lives. But hey, this is a secret, so don't spread the word. :blink: :D

    * Other times, we're dealing with people who most likely weren't aware of all the implications.
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    I did, and you're correct (if he's talking about IE). The feature pretty much means nothing that comes from a secure source can touch the drive. I personally don't recommend it, instead, you're better of using InPrivate mode for banking and such.
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Yes, it is indeed with IE.

    @Cloneranger
    Re - *random number*.part file etc

    Yes, but the point was that with this setting, it always fails.
     
  8. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    I just tested downloading a pdf file in IE8 from an https site and it worked fine. Why would not caching https sites to disk affect downloads from those sites? What are you guys smoking? o_O
     
  9. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Nothing better than the source: -https://blogs.msdn.com/b/ieinternals/archive/2011/05/07/downloads-and-flash-fail-when-do-not-save-encrypted-pages-to-disk-is-set.aspx?Redirected=true

    But, it's about IE9. It seems to behave different with IE10 now. Most likely, judging by what you're saying, it also behaves different with IE8.
     
  10. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Indeed, about IE8 and 10, it's also in the article:
     
Loading...
Thread Status:
Not open for further replies.