Hi everyone,
I'm storing PDF files in a directory outside my document root, and I serve them to users with header() and readfile(). My problem is this: I'm now using SSL, and when I request a PDF file I get a warning that the file I've requested contains insecure items. I figure this must be the fault of the headers I'm sending. Am I on the right track, and does anyone know the correct headers to send so as not to disturb SSL?
Program code follows:
$file_loc = "/var/docs/testpdf.pdf";
$filename = "testpdf.pdf";
header("Cache-control: private");
header("Content-Type: application/pdf");
header("Content-Disposition: inline; filename=$filename");
readfile($file_loc);
