<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<div style="padding-bottom: 10px; padding-top: 5px;">
<div style="padding:12px; border:1px solid #8D3970; background-color:#F7F9FA; color:#8D3970; font-size:14px; line-height:22px; font-family: Calibri, Arial, Helvetica, sans-serif;">
<strong>CAUTION:</strong> This e-mail originated outside the University of Southampton.
</div>
</div>
<div>
<div dir="ltr">Morning all,
<div><br>
</div>
<div>Don, John and David; thank you so much for setting me on the right path. I had zero chance of sorting this out without your help. Especially since I forgot that the console existed in Chrome...</div>
<div><br>
</div>
<div>I read this blog post that explains my repo-woes:</div>
<div><br>
</div>
<blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblog.chromium.org%2F2020%2F02%2Fprotecting-users-from-insecure.html&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771118330%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Esd4skeL8VxGX9flmUK4htKyhv4%2BPc4AwFf7pmN8NRo%3D&reserved=0" originalSrc="https://blog.chromium.org/2020/02/protecting-users-from-insecure.html" shash="eWG2t1GrANwJhzfsU9V4MYg1G9IAZAZRp+Zlia1+4dxjAesoJByoJhwuUOaaxrGYpmwz+SY2NmZeFqlbOo7r/HRv+0WGl+QOxq0/DPz4PdS9eK2P8GDT5PSraz0c4kIS52auhEYubmLU6nE8VZsWOXQxtss8IgG1pJ4Bwy5fzwo=">https://blog.chromium.org/2020/02/protecting-users-from-insecure.html</a></div>
</blockquote>
<div><br>
</div>
<div>I found this "solution" that appears to work on the repository side of things:</div>
<div><br>
</div>
<blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F32650396%2Fmixed-content-insecure-content-ssl&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771128324%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=1JQjsv8wM8tkm4nz%2Fycny%2B5IyqjrZGRFaRjzullKVyo%3D&reserved=0" originalSrc="https://stackoverflow.com/questions/32650396/mixed-content-insecure-content-ssl" shash="WKQaHo9QCXcZoI5xoZ+hbNY7xfd3D44eFIKzy7+t7jkRmnZkZVXfsiwqXVJHFRyKgTFChwsy8sPXgzvghGPhUEgpMYgbClYvtAWWf6lV2XLSWKmIP728IEsL/28D5UK12p5o/oayIvzoj/5pfx4ayhg94FL9Yxy7USe/nRd/0rw=">https://stackoverflow.com/questions/32650396/mixed-content-insecure-content-ssl</a></div>
</blockquote>
<div><br>
</div>
<div>I've so far opted for the addition of the meta tag in ../cfg/templates/default.xml:</div>
<div><br>
</div>
<blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div>meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests"</div>
</blockquote>
<div><br>
</div>
<div>I appreciate this isn't the BEST solution, but it's the most immediate one that gets some people off my back until I can implement a proper one. It does not solve the issue of accessing the file via Elements, which is what I expected.</div>
<div><br>
</div>
<div>It was one of my predecessors or CSD that set up HTTPS in our repository and it hasn't been done in the standard "EPrints way". I thought it worked well by redirecting people to HTTPS. I had previously tried replicating this set-up in our data repository,
but I'm glad I didn't now. The data repo doesn't go to https until logging in and it often generates emails from users along the lines of "your website isn't secure!".</div>
<div><br>
</div>
<div>Anyway, thank you once more for the help and advice. I will update you all on how I get on.</div>
<div><br>
</div>
<div>Thanks,</div>
<div>James</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Jan 4, 2021 at 10:25 PM David R Newman <<a href="mailto:drn@ecs.soton.ac.uk">drn@ecs.soton.ac.uk</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<p>Hi John,</p>
<p>I have just tested you config change but it does not seem to work on the abstract page of the repository I have been testing on. My recommendation would be to set the following config option at the end of
<a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2F10_core.pl%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771128324%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=u6eZ66ivNKEubxT6WcsKPuAYYhZ9yXJfC7DF7DUDz7A%3D&reserved=0" originalSrc="http://10_core.pl/" shash="xnKfd2EUg6DIF1nfo2viIh0Iy9LG96BtD1R/HlTDVIT+TJFzvu8SkEIV4/AzZSAfIJPhahKR1wEPkb9Wlbvm/mq4A5CjADWkPPDDcdMSXt3owxbuzMApC0lz1UzaYfHfNqG/3yklbmaMXXBHh+Hb4FcoQOx8VJ8Cok0kjVGgzeA=" target="_blank">10_core.pl</a> to make the URLs protocol-relative:</p>
<p>$c->{http_url} = '//' . $c->{host} . '/';</p>
<p>$c->{http_cgiurl} = '//' . $c->{host} . '/cgi/';</p>
<p>This sets a protocol relative URL rather than an http one. You could alternativerly set to 'https://' . $c->{host} . '/'; to just make all URLs https. If you only set to the protocol-relative option then there is a minor issue that the EPrint::View page
for live items with be display the URL as //HOSTNAME/12345/ rather than <a href="https://HOSTNAME/12345/" target="_blank">
https://HOSTNAME/12345/</a> which may be confusing to some users as they would expect it to start http or https. Also default abstract/summary pages will display the URI as protocol-relative at the end of the summary table. These are issues I have been trying
to address for adding robust protocol-relative URL support to EPrints 3.4.3.<br>
</p>
<p>The motivation to switch to procotol-relative URLs is that it saves a wholesale switch from http to https URLs with redirects that I have noted often causes a dip in Google-indexing and download stats for up to a month or so. An explanation about why this
happens can be found at:</p>
<p><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FSimplified_HTTPS_Configuration%23Issues_and_Troubleshooting&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771138325%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=pvIJ1izXXStcF6DTgQcOgfyT0ZOX9bzLXH%2FM8AkaS4s%3D&reserved=0" originalSrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#Issues_and_Troubleshooting" shash="dRCO178BervftcrBknZyHJti/+95ql+l2apLtsctvQC9teAlG8GXe3v/Vqf+917J4Yb7bgXfD/bS6YA2LkyLQaaiBSx/5H98nm8b2AqEmuOif6HXpB5xTP9UAta44eq5Iynl1MU2uc7oD9UcwhJUM9gcXRAZ9AYhIRfB5RDkh1A=" target="_blank">https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#Issues_and_Troubleshooting</a>
<br>
</p>
<p>I don't think using https in the http_url configuration option will affect the download stats that much, as it won't lead to and http to https redirect that is the predominant factor in lowering download stats. It will however, change the URIs for eprint
items, which may have an affect on Google indexing. However, this is very much dependent on how Google seeks out the URLs to be indexed, which is multivarious.</p>
<p>Regards</p>
<p>David Newman<br>
</p>
<div>On 04/01/2021 18:02, John Salter wrote:<br>
</div>
<blockquote type="cite">
<div style="padding-bottom:10px;padding-top:5px">
<div style="padding:12px;border:1px solid rgb(141,57,112);background-color:rgb(247,249,250);color:rgb(141,57,112);font-size:14px;line-height:22px;font-family:Calibri,Arial,Helvetica,sans-serif">
<strong>CAUTION:</strong> This e-mail originated outside the University of Southampton.
</div>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">I've just re-checked my config files.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">For 3.3.x, if you include (in e.g.
<a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2F10_core.pl%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771138325%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=f%2BuxN0B8bVud5xKRPaScBhvxbbpXYHpLpLJACYk6H7I%3D&reserved=0" originalSrc="http://10_core.pl/" shash="pXLwrbENtu49bhjSTDO9FdR9NnlgNffvzn+20L4xNSj0k3q7OCs7GgKltfpvJM0P5a/Ypl3+0vFeTF27TMeyPecbWHIBSG3mAIjp40CPdBkmM1oQkCceoruuaWJVn4sat0zue4IaQW364dvbO00xdxviLrldwy6NU/DPC0XUdHQ=" target="_blank">10_core.pl</a>):<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> $c->{http_root} = undef;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">It will make thumbnails/download links relative rather than absolute.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">I think there was more to it that that though - if you're creating downloadable content (e.g. coversheets) , you want it to render the full links (using with
https by defult).<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Cheers,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">John<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<div>
<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0cm 0cm">
<p class="MsoNormal"><b><span style="font-size:11pt;font-family:Calibri,sans-serif" lang="EN-US">From:</span></b><span style="font-size:11pt;font-family:Calibri,sans-serif" lang="EN-US">
<a href="mailto:eprints-tech-bounces@ecs.soton.ac.uk" target="_blank">eprints-tech-bounces@ecs.soton.ac.uk</a> [<a href="mailto:eprints-tech-bounces@ecs.soton.ac.uk" target="_blank">mailto:eprints-tech-bounces@ecs.soton.ac.uk</a>]
<b>On Behalf Of </b>David R Newman via Eprints-tech<br>
<b>Sent:</b> 04 January 2021 17:44<br>
<b>To:</b> John Salter <a href="mailto:J.Salter@leeds.ac.uk" target="_blank"><J.Salter@leeds.ac.uk></a>;
<a href="mailto:eprints-tech@ecs.soton.ac.uk" target="_blank">eprints-tech@ecs.soton.ac.uk</a>; James Kerwin
<a href="mailto:jkerwin2101@gmail.com" target="_blank"><jkerwin2101@gmail.com></a><br>
<b>Subject:</b> Re: [EP-tech] Word Documents won't download<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<p>Hi all,<u></u><u></u></p>
<p>So, the problem is the URL generated by EPrints compiled XML's cite:linkhere which uses http rather than https. The suggestion John's makes about
<a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FSimplified_HTTPS_Configuration%23HTTPS_Only&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771148313%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=gRreAn7xyfbGsuRGaZaxLLyCQE5goLd9p9K0OZcrNUg%3D&reserved=0" originalSrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#HTTPS_Only" shash="h8g1W3MSy0qJ3GGHtbIqgCXK/I/PeYFQWibHMGeQIUSnv7dfpnVO23IYGOhqXv5v/n6h/Vt8/KYCPTiE7Lt6cWhs7w+SZhA6fogeQq5NtCBE79arTY7IlsRMMtx9I8d5cuLtfT2klwbZg/9zt5Uc44lG2oIj3bnrlp3YY2O6Ics=" target="_blank">
https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#HTTPS_Only</a> will only work if you are running EPrints 3.4.1+, which I can see that you are not.
<u></u><u></u></p>
<p>One of the features I have been working on for 3.4.3 is protocol relative URLs which should help deal with these issues. If you are still running 3.3.x fixing these sort of problems with be tricky. I think you need to look at the various document citations
and possible <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Feprint_render.pl%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771148313%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0Bv9gd2oHGT1FV3KNlhbjpzrVSECteacvQQQwIz4vjw%3D&reserved=0" originalSrc="http://eprint_render.pl/" shash="rOYe/GiKXQQS9kN92Z+j3rRE/+Id1TL71uuIESEb2ackwnIdF4ImMd7JOkHimQ07fYID9JC4E86YzcrKcfwJAzkLbPGCeP2sBUK9fsJqj0IwiWIDnU6UeHBmPTIhi15gfFVnYPaD6LBzYX4OVJkA3GtHTzOrYOTsIZh8LvwDlEc=" target="_blank">eprint_render.pl</a> and replace the http URLs with https URLs. In some cases the http URL will come from the <cite:linkshere>, which you will probably need to hack with a fix like:<u></u><u></u></p>
<p><a href="{$config{https_url}}/{eprintid}/{pos}/{main}"> <u></u><u></u></p>
<p>and </cite:linkhere> with </a><u></u><u></u></p>
<p>Hope this helps<u></u><u></u></p>
<p>David Newman<u></u><u></u></p>
<div>
<p class="MsoNormal">On 04/01/2021 17:20, John Salter wrote:<u></u><u></u></p>
</div>
<blockquote style="margin-top:5pt;margin-bottom:5pt">
<div>
<div style="border:1pt solid rgb(141,57,112);padding:9pt">
<p class="MsoNormal" style="line-height:16.5pt;background:rgb(247,249,250)"><strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">CAUTION:</span></strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">
This e-mail originated outside the University of Southampton. <u></u><u></u></span></p>
</div>
</div>
<div>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">> I was just about to chime in that the document URL is rendered with http - but you're redirecting to https - so some part of Chrome's 302 handing is possibly
confusing things…</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">To flesh that out a bit more:</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">White Rose is currently still available over http and https. Document links are relative - so match the protocol you're visiting the site from.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">For LivRepo, it looks like you're using an HSTS setup so requests to http:// are redirected to https:// (via a 307 response).</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">If you update the download URL to use https (via Chrome Console / Inspect), it downloads fine.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">To fix this in EPrints,
<a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.eprints.org%2Fw%2FSimplified_HTTPS_Configuration%23HTTPS_Only&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771158308%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=kBz5ywR49VICSqWM05cijdYusbLda%2BXTEIgik9jJDuk%3D&reserved=0" originalSrc="https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#HTTPS_Only" shash="fl+GHkm/bqlkCa+FVYgzFr3iQJGKqSYUPuQ+n5Nay8my3LLvnnYCUoGoYS/X3/6x6b5gOLZM6d0c71jTKdtRbq5QB5pDYWzupeqEIVXapVuaU9dabakaug4tnYqHAI27eq9sP05QuNaCulgA/Z/oOqV5R7X6esobmzJHL1f9hoo=" target="_blank">
https://wiki.eprints.org/w/Simplified_HTTPS_Configuration#HTTPS_Only</a> - setting 'host' to undef is the key - although test this thoroughly first - can't remember if there's any related 'fun' with Symplectic connector if you do this (I don't think there is…).</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Cheers,</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">John</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span><u></u><u></u></p>
<div>
<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0cm 0cm">
<p class="MsoNormal"><b><span style="font-size:11pt;font-family:Calibri,sans-serif" lang="EN-US">From:</span></b><span style="font-size:11pt;font-family:Calibri,sans-serif" lang="EN-US">
<a href="mailto:eprints-tech-bounces@ecs.soton.ac.uk" target="_blank">eprints-tech-bounces@ecs.soton.ac.uk</a> [<a href="mailto:eprints-tech-bounces@ecs.soton.ac.uk" target="_blank">mailto:eprints-tech-bounces@ecs.soton.ac.uk</a>]
<b>On Behalf Of </b>David R Newman via Eprints-tech<br>
<b>Sent:</b> 04 January 2021 17:02<br>
<b>To:</b> James Kerwin <a href="mailto:jkerwin2101@gmail.com" target="_blank"><jkerwin2101@gmail.com></a><br>
<b>Cc:</b> <a href="mailto:eprints-tech@ecs.soton.ac.uk" target="_blank">eprints-tech@ecs.soton.ac.uk</a><br>
<b>Subject:</b> Re: [EP-tech] Word Documents won't download</span><u></u><u></u></p>
</div>
</div>
<p class="MsoNormal"> <u></u><u></u></p>
<p>Hi James,<u></u><u></u></p>
<p>You should note that the whiterose URL is http rather than https. I have tested (on Chrome) the same URL I was testing before but with http rather than https and this worked just fine. This is starting to suggest to me some security feature (albeit maybe
a bit broken) within Chrome. From the depths of my brain I am vaguely recall some issue to do with content length mismatches that exhibited similar symptoms.<u></u><u></u></p>
<p>Regards<u></u><u></u></p>
<p>David Newman<u></u><u></u></p>
<div>
<p class="MsoNormal">On 04/01/2021 16:53, James Kerwin wrote:<u></u><u></u></p>
</div>
<blockquote style="margin-top:5pt;margin-bottom:5pt">
<div>
<div style="border:1pt solid rgb(141,57,112);padding:9pt">
<p class="MsoNormal" style="line-height:16.5pt;background:rgb(247,249,250)"><strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">CAUTION:</span></strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">
This e-mail originated outside the University of Southampton. </span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Hi David, <u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Thanks for your response. it's good to know it's not just me (although I did ask my family to also attempt to download it and they all struggled).<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">To add to the confusion, this item on the White Rose repository downloads fine. Unless Mr Salter has some different setup, I'm afraid it only adds to my quiet terror:<br>
<br>
<a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Feprints.whiterose.ac.uk%2F160018%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771158308%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=gpIzO8a2PJzAPeSJpgk0fkdFj2WJmuL58MKRqaIDoEk%3D&reserved=0" originalSrc="http://eprints.whiterose.ac.uk/160018/" shash="xsBMkN3mYhSBmEvkn6et05fHX8Y5qqeQ6Hpvu5u5Iz/fh6eAb8rZpOa0HTvrIrbPdxEL9mi0kEl9SkjSL4gD2feh0fVD5w+fBw1h/iNXdVTJGHPWZcWjyeVRCmRI+SfjJTi838sAdRN/hUtHUU3zAFir0aw1vT9jG4qxQs76IU0=" target="_blank">http://eprints.whiterose.ac.uk/160018/</a><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">What I have noticed is that his filenames in the word documents have no spaces. I'm currently mooching through our EPrints database for a doc(x) file that also avoids spaces. This isn't the most scientific way to work it out, but I'm hoping
it yields some results...<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">This sort of problem landing at my feet on the first day back at work should be considered some sort of abuse of my human rights!<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">If by some miracle I find a cause or solution I will share it.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Thanks,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">James<u></u><u></u></p>
</div>
</div>
<p class="MsoNormal"> <u></u><u></u></p>
<div>
<div>
<p class="MsoNormal">On Mon, Jan 4, 2021 at 4:45 PM David R Newman <<a href="mailto:drn@ecs.soton.ac.uk" target="_blank">drn@ecs.soton.ac.uk</a>> wrote:<u></u><u></u></p>
</div>
<blockquote style="border-top:none;border-right:none;border-bottom:none;border-left:1pt solid rgb(204,204,204);padding:0cm 0cm 0cm 6pt;margin:5pt 0cm 5pt 4.8pt">
<div>
<p>Hi James,<u></u><u></u></p>
<p>I see the same behaviour on your repository for the Word document on the URL you provided. Similarly it works fine on FireFox but has problems on Chrome when you click on the link and don't try to download it another tab. Oddly, if I try a second time
I get a popup asking me if I want to allow downloads of multiple files. I have tested on a different repository and I see the same issue with both .doc and .docx files. I suspect there may be issues with all application/... mime type files. My best guess
is this is a new security feature from Chrome. It may be something that requires tweaking Apache's configuration or possibly even something within EPrints.<u></u><u></u></p>
<p>I have also tested on Edge and Opera (all browsers running on Windows 10) and I do not have any issues either. The Chrome version I am running is 87.0.4280.88, this looks to have been released at the beginning of December. I do not know when my browser
upgraded but there are currently no knew updates available for Chrome according to my browser's "About Google Chrome" page. I will continue to investigate and get back to the list if I find out anything more.<u></u><u></u></p>
<p>Regards<u></u><u></u></p>
<p>David Newman<u></u><u></u></p>
<div>
<p class="MsoNormal">On 04/01/2021 15:54, James Kerwin via Eprints-tech wrote:<u></u><u></u></p>
</div>
<blockquote style="margin-top:5pt;margin-bottom:5pt">
<div>
<div style="border:1pt solid rgb(141,57,112);padding:9pt">
<p class="MsoNormal" style="line-height:16.5pt;background:rgb(247,249,250)"><strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">CAUTION:</span></strong><span style="font-size:10.5pt;font-family:Calibri,sans-serif;color:rgb(141,57,112)">
This e-mail originated outside the University of Southampton. </span><u></u><u></u></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Hi All,<u></u><u></u></p>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Happy new year etc. Hope everyone is well.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">I have a problem that has appeared today and it was fine before 18/12/2020 (as in it worked as expected).<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Word documents are not downloading on the repository when using Chrome. If I right the download link and open it in a new tab it works and the file is downloaded. PDFs are behaving fine. If I use FireFox and click the download link the
file will download, but it does prompt me whether I want to save or open (this is fine, I don't use FF much so I won't click the "don't ask again" option).<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">In Elements on both Chrome and FF the file will not download. PDFs are downloading through Elements fine.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Is there a likely cause for this? Some sort of update to some obscure working of the internet?<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Example record:<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"><a href="https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Flivrepository.liverpool.ac.uk%2F3033942%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771168300%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=8LvYD93eNAG76sVLnEQ7c3vmd0FYPLkj%2FDfEQtUOkD8%3D&reserved=0" originalSrc="https://livrepository.liverpool.ac.uk/3033942/" shash="wQnwcIEk1qs+4YIWvO8c07Ev6mi33yqyWRdUtDe4iCRt1yVBYsX5WgJV6g1U52nn2VoDVZzFpr5QaIKwHzV8HSnc85ekR7qUofc5Yvc1wLruBxfOnjRnSdb+LNx2BGgUAsKJYX2FXhIKqd25dUdgPyzcvkeGSa8e2LHlL6jyP6M=" target="_blank">https://livrepository.liverpool.ac.uk/3033942/</a><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Any help will be gratefully received. I'm totally confused by it and don't know where to start.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">Thanks,<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal">James<u></u><u></u></p>
</div>
</div>
</div>
<p class="MsoNormal"><br>
<br>
<br>
<u></u><u></u></p>
<pre>*** Options: <a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech</a><u></u><u></u></pre>
<pre>*** Archive: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.eprints.org%2Ftech.php%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771178298%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=BnNDMc8Sf%2BXFAp7sc43qm7qDzp%2ByiuSPpOgcqCNOoX8%3D&reserved=0" originalSrc="http://www.eprints.org/tech.php/" shash="c/t/qT+SG1xc+OMNnccdiWhXfIT3ttJCiOtFWGlzwuwbeJiXzRXcC4zz9pXsaqgH7NVJ7luRf22faPgRKelhmiJBPhxlMphrvtUlv4/XEp7D/N90TkkTnbjkIkBYxxcD+KNqsxfBTAOTmezQyEj1VNuthbhTIoXGXqmGLWDZu8U=" target="_blank">http://www.eprints.org/tech.php/</a><u></u><u></u></pre>
<pre>*** EPrints community wiki: <a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwiki.eprints.org%2F&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771178298%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Is5gz6EFWyE8BslYtN8aTOtO7GtibHuTNCxI%2FZlHtZI%3D&reserved=0" originalSrc="http://wiki.eprints.org/" shash="KDIvEbnE4Vl9TPXGvoKaw7KlHiHlUnwrGad6MAY1f8HRI4wvmUdQq72URfaLl6X11qhw+T+DzofL0SCh8CJebF3atynvOer9V+/bGyHfA6++7rVYGeQgyYpJDZRtshed068Tyjd2DJHy7KQuCem8I54C9ysOiZ+bWF4xdNCFUrI=" target="_blank">http://wiki.eprints.org/</a><u></u><u></u></pre>
</blockquote>
<div id="gmail-m_4893119165545413886gmail-m_1170366041298124642DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2">
<p class="MsoNormal"> <u></u><u></u></p>
<table style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(211,212,222)" cellpadding="0" border="1">
<tbody>
<tr>
<td style="width:41.25pt;border:none;padding:9.75pt 0.75pt 0.75pt" width="58">
<p class="MsoNormal"><a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771188293%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=O2Ua8ew4NJynJENkcWLGQVibTCYtdz%2FkcpDVnB3Yee8%3D&reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="o5T25FmVFWE8zE45/uIJ0/BEu2o1GQYj2UjvDSfnphi/GEcp1G709Sm8KLnPssY49NWY687W4elr/QfNzU2FoZWgal/FQ4zAIO79NM/xWGvvkZyCvIGVO+W91f7/dsl8zqMyt7auZoHPy7go74IQSHeIezTfPT7MOCHxsjhD35U=" target="_blank"><span style="border:1pt solid windowtext;padding:0cm;text-decoration:none"><img id="gmail-m_4893119165545413886_x0000_i1025" src="cid:176d1c5364c4ce8e91" alt="Image removed by sender." width="46" height="29" border="0"></span></a><u></u><u></u></p>
</td>
<td style="width:352.5pt;border:none;padding:9pt 0.75pt 0.75pt" width="473">
<p class="MsoNormal" style="line-height:13.5pt"><span style="font-size:10pt;font-family:Arial,sans-serif;color:rgb(65,66,78)">Virus-free.
<a href="https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avg.com%2Femail-signature%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Demailclient&data=04%7C01%7Ceprints-tech%40ecs.soton.ac.uk%7Cf73e7745e4074271056e08d8b1599f1c%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637454345771188293%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=O2Ua8ew4NJynJENkcWLGQVibTCYtdz%2FkcpDVnB3Yee8%3D&reserved=0" originalSrc="http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient" shash="o5T25FmVFWE8zE45/uIJ0/BEu2o1GQYj2UjvDSfnphi/GEcp1G709Sm8KLnPssY49NWY687W4elr/QfNzU2FoZWgal/FQ4zAIO79NM/xWGvvkZyCvIGVO+W91f7/dsl8zqMyt7auZoHPy7go74IQSHeIezTfPT7MOCHxsjhD35U=" target="_blank">
<span style="color:rgb(68,83,234)">www.avg.com</span></a> </span><u></u><u></u></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</body>
</html>