TechQA.

Google Update Created Bug - This file should be served over HTTPS. This download has been blocked

4.5k views Asked by At

Google Chrome started blocking downloads served via HTTP.

This update broke my download links and shows the console error below.

Mixed Content: The site at 'https://www.sellmyiphonemiami.com/' was loaded over a secure connection, but the file at 'https://www.sellmyiphonemiami.com/order/print-shipping-label/731' was redirected through an insecure connection. This file should be served over HTTPS. This download has been blocked. See https://blog.chromium.org/2020/02/protecting-users-from-insecure.html for more details.

My pdf downloads are served over HTTPS but I still get this error.

Network console show 2 records: First one -

Request URL: http://www.sellmyiphonemiami.com/order/print-shipping-label/732 Request Method: GET Status Code: 301 Moved Permanently (from disk cache) Remote Address: 52.10.157.2:80 Referrer Policy: strict-origin-when-cross-origin

Second one -

Request URL: https://www.sellmyiphonemiami.com/order/print-shipping-label/732 Request Method: GET Status Code: 200 Remote Address: 52.43.218.108:443 Referrer Policy: strict-origin-when-cross-origin

Heres is my controller:

$filename = sprintf('FedExShippingLable-%s.pdf', $o->getTrackingNumber());
    $fs = new Filesystem();
    $fs->dumpFile($filename, $o->getDocument());
    // Generate response
    $response = new Response();
    // Set headers
    $response->headers->set('Cache-Control', 'private');
    $response->headers->set('Content-type', mime_content_type($filename));
    $response->headers->set('Content-Disposition', 'attachment; filename="' . basename($filename) . '";');
    $response->headers->set('Content-length', filesize($filename));
    // Send headers before outputting anything
    $response->sendHeaders();
    $response->setContent(file_get_contents($filename));
    $fs->remove($filename);
    return $response;
php symfony google-chrome referrer-policy
Original Q&A
1

There are 1 answers

2
Andre Van Veen On

The problem I found was simple but I still don't understand why.

We used the twig extension 'url' which created an http request 'url' instead of https.

Changing the extension to 'path' fixed the problem.

I will not mark this as the answer because hopefully, someone can explain why the 'url' extension returned this URL 'http://www.sellmyiphonemiami.com/order/print-shipping-label/732' and why 'path' worked.

This worked:

 href="{{ path('label', {"id": order.id}) }}

This stopped working:

 href="{{ url('label', {"id": order.id}) }}

Related Questions in PHP

Related Questions in SYMFONY

Related Questions in GOOGLE-CHROME

Related Questions in REFERRER-POLICY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions