We have a simple ASPX page that grabs a file from the DB, and streams it to the browser using Response.BinaryWrite(). It worked perfectly over HTTP, and it works over HTTPS for every file type (as far as I tested) EXCEPT PDF. When attempting to view PDF files, the browser displays a blank page. No error at all, just a blank page.
After several hours, I tracked the problem down to the following lines of code:
Response.CacheControl = "no-cache";
Response.AddHeader("Pragma", "no-cache");
It seems that if either of these headers are applied, PDF files will not work over SSL. I commented out both of these lines, and it seems to work.
Of course, now we need to deal with caching. Setting the expiration date will have to do.
Response.Expires = -1;
So the final code looks like:
byte[] data = // Load from DB
// Clear the any response already buffered (just in case)
Response.ClearContent();
Response.ClearHeaders();
// Set Buffering ON
Response.Buffer = true;
// Prevent this page from being cached.
// NOTE: we cannot use the CacheControl property, or set the PRAGMA header value due to a flaw re: PDF/SSL/IE
Response.Expires = -1;
// Set the ContentType
Response.ContentType = "application/pdf";
// Specify the number of bytes to be sent
Response.AddHeader("Accept-Header", data.Length.ToString());
// Write the file to the stream
Response.BinaryWrite(data);
// Wrap it up
Response.Flush();
Response.Close();
Response.End();