Saved PDF file is corrupt after download if user visits my asp.net site from email link, but is not corrupt after manual login?

Question

My apologies if I've missed any applicable answers during my search.

My asp.net website sends user A an email with a link. Trustwave adds some wrapper information around the link before delivering the email. The user clicks the link, authenticates, and is taken to applicable content. If user A navigates to docs.aspx, selects a PDF, and downloads, PDF is corrupt when user A opens the PDF. The site doesn't create the PDF, it was uploaded by user B.

But, if user A manually browses to site, authenticates, navigates to docs.aspx, and downloads the PDF, it isn't corrupt. Both cases use the same authentication, doc.aspx, code-behind, and PDF.

Stepping through the code is difficult because I don't know how to generate the (Trustwave-protected) email link in my test environment.

Can you suggest additional ways to troubleshoot this? A PNG file worked in both cases, but I don't want to limit the file types user B can upload. The PDF file size is 11 KB, and I'm using an up-to-date Chrome web browser. Simple detailed answers and examples are appreciated.

Here is the doc.aspx method:

For Each i As ListItem In Me.FileListbox.Items

    If i.Selected Then
        Response.Clear()
        Response.AppendHeader("Content-Disposition", "attachment; filename=" & i.Text)
        DownloadFile = Server.MapPath("documents") & i.Text

        Select Case Right(i.Text, 3)
            Case "doc"
                Response.ContentType = "application/msword"
            Case "jpg"
                Response.ContentType = "image/jpeg"
            Case "pdf"
                Response.ContentType = "application/pdf"
            Case "png"
                Response.ContentType = "image/png"
            Case "xls"
                Response.ContentType = "application/vnd.ms-excel"
            Case "zip"
                Response.ContentType = "application/zip"
            Case Else
                Response.ContentType = "application/octet-stream"
        End Select

        Response.TransmitFile(DownloadFile)
        Response.End()
    End If
Next

Please see [Is Response.End() considered harmful?](https://stackoverflow.com/q/1087777/1115360) — Andrew Morton, Oct 18 '19 at 19:38
@wazz -- that was a syntax error I introduced while editing for clarity (this site was developed in vb.net but I've since switched to c#) — glimmering, Oct 20 '19 at 16:17
@the_lotus -- yes, it's the right file. There aren't any duplicated files. I also tested by uploading new files and was able to repeat the error. — glimmering, Oct 20 '19 at 16:19
@glimmering Also, you should investigate what the corruption is: is it too short, does it have some HTML prepended, are some bytes changed...? — Andrew Morton, Oct 20 '19 at 16:31
@glimmering I was asking because Server.MapPath does not return a "\" at the end and if you just concatenate a filename then the DownloadFile value will be wrong. — the_lotus, Oct 21 '19 at 12:08

wazz · Answer 1 · 2019-10-20T19:26:28.403

0

Try wrapping the file name in quotes in the header:

Response.AppendHeader("Content-Disposition", "attachment; filename=\"" + i.Text + "\"")

edited Oct 20 '19 at 19:26

answered Oct 19 '19 at 18:06

wazz

4,953
5
20
34

I will try this, but what is the benefit of doing so? – glimmering Oct 20 '19 at 16:21
In VB.NET, that would be `Response.AppendHeader("Content-Disposition", "attachment; filename=""" & i.Text & """")`. – Andrew Morton Oct 20 '19 at 16:27
@glimmering - I seem to remember it fixing a problem for me a long time ago, thought it might be the fix. Not seeing anything else ATM. (And I think it's *supposed* to be in quotes, IIRC.) – wazz Oct 20 '19 at 19:27
Also, possibly missing a slash after 'documents' in `Server.MapPath`. ? In my download code, I use (C#): `Response.TransmitFile(Server.MapPath("~/downloads/other-folder/" + fileName));`. Note the slash before the file name. – wazz Oct 20 '19 at 19:30
@AndrewMorton - I have made this change but the problem is still there. – glimmering Oct 23 '19 at 23:47
All - I will post here once I (hopefully!) solve this. Thanks again for your time and suggestions. – glimmering Oct 23 '19 at 23:48
All - here is an example of the same technique, converted to c# for another project. This works with no errors. – glimmering Oct 24 '19 at 00:12

score 0 · Answer 2 · answered Oct 21 '19 at 14:41

There is a thing witch go wrong:

1-Never close Response when you write or transmit something on them.

Response.End() cause Thread interruption use Response.Flush() instead. However following code is a better technique to transmit file as binary data and not as a file:

 Response.AddHeader("Content-Disposition", "attachment; filename=" & "put your filename here")
        Response.ContentType = "application/pdf"  

        'Read your file as binary data from your phisical path on server 
        Dim data() As Byte = My.Computer.FileSystem.ReadAllBytes("put your path of file here .pdf")

        ' And transmit those data as binary 
        Response.BinaryWrite(data)
        Response.Flush()
        Context.ApplicationInstance.CompleteRequest()


        'IMPORTANT: NEVER CLOSE Response whith Response.End and use Context.ApplicationInstance.CompleteRequest() instead

Thank you for this idea. I tried this but the problem is still happening. — glimmering, Oct 23 '19 at 23:46

Saved PDF file is corrupt after download if user visits my asp.net site from email link, but is not corrupt after manual login?

2 Answers2