Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM 6.5 Asset direct link downloads ,does not open asset in browser

Avatar

Level 2

Dear Team,

 

Issue : 

I have a file on this path http://localhost:4502/assetdetails.html/content/dam/we-retail/en/activities/hiking/abc.mp4,​ when I try to access this video file by direct link like this: http://localhost:4502/content/dam/we-retail/en/activities/hiking/abc.mp4, Video gets downloaded . I know it is expected behavior.

what if we need to open assets in Browser rather than downloading it ?

Description:

I am facing this  issue in AEM 6.5 (without any service packs). I tried all possible tricks with Content Disposition filter like check/uncheck flag , putting proper values in included resource paths , but still it downloads my video assets rather than streaming in browser.

I am referring video assets through direct DAM link .

 

May I request if someone can be able to help me out here .

 

Thanks in advance.

1 Accepted Solution

Avatar

Correct answer by
Level 4

Hi There,

 

This behavior is same in earlier version as well. One way is to put "Included Resource Paths & Content Types" like shown below however it is very restrictive way as regular expression does not work and path prefix has to be put up.

 

sameerb50449612_0-1579772293498.png

 

I suggest you just uncheck the all resources and handle the same at apache level. So basically all the assets will be shown in-browser for streaming and then whenever you want to override this behavior, do that at dispatcher layer by adding for example below snippet:

     <FilesMatch "\.pdf$">  

         Header set Content-Disposition attachment  

     </FilesMatch>  

View solution in original post

0 Replies

Avatar

Correct answer by
Level 4

Hi There,

 

This behavior is same in earlier version as well. One way is to put "Included Resource Paths & Content Types" like shown below however it is very restrictive way as regular expression does not work and path prefix has to be put up.

 

sameerb50449612_0-1579772293498.png

 

I suggest you just uncheck the all resources and handle the same at apache level. So basically all the assets will be shown in-browser for streaming and then whenever you want to override this behavior, do that at dispatcher layer by adding for example below snippet:

     <FilesMatch "\.pdf$">  

         Header set Content-Disposition attachment  

     </FilesMatch>  

Avatar

Employee
This is correct. The Content Disposition Filter causes the asset to download as a security measure. You could technically embed a malicious script inside say an SVG asset which if rendered within the browser could execute code unknowingly.

Avatar

Level 1

@arvindp66202646  I also faced similar issue while performing AEM upgrade from 6.3 to 6.5 SP4

Reason - Reason is the response header ‘content-disposition: attachment’. 

issue-19-screen-1.jpg

Solution : There are two possible solutions -

#Solution1 -

  • Control the content-disposition using 'Apache Sling Content Disposition Filter' 
  • Configure the property 'Enable for all Resource Paths' to true. Do not set the content-disposition header explicitly.
  • Keep the content-disposition header to its default value - 'Inline'
  • issue-19-screen-2.jpg

#Solution2 - Second solution is to handle the same at apache level and dispatcher level - the approach suggested by @SameerBhalerao  in this thread.

Thanks