Help to create a rule for download file

What is the name of the domain?

excelsecurity.net/document/downloadfile/VnpWdFJIQUJnVE5Ub2QyaG5ONjdIQT09

What is the error number?

not downloading file

What is the issue you’re encountering

downloading a Zero KB file

What are the steps to reproduce the issue?

Hi Guys,

Hoping someone maybe able to help with this as I am baffled, The customer sent this request

The following URL : https://portal.excelsecurity.net/document/downloadfile/VnpWdFJIQUJnVE5Ub2QyaG5ONjdIQT09

is used to download a pdf file from the excel security application portal. However this link is downloading a Zero KB file as Cloudflare is preventing it from downloading full content.

I have been asked … Could you create a rule that will allow or bypass requests to the URL

https://portal.excelsecurity.net/document/* with wild card to include its sub structure below it.

I am not sure what needs to be done so any advise would be great

thanks

I don’t think the problem is directly caused by Cloudflare. Your origin returns Content-Length: 0 for this request together with a Content-Disposition header, and we simply proxy that response:

  1. Origin:
< HTTP/1.1 200 OK
< Server: nginx
< Date: Thu, 14 Nov 2024 16:14:03 GMT
< Content-Type: application/octet-stream
< Content-Length: 0
< Connection: keep-alive
< X-Powered-By: PHP/5.5.9-1ubuntu4.13
< X-XSS-Protection: 1
< X-Frame-Options: SAMEORIGIN
< Set-Cookie: app_session=ofk2jepn98cmoskvgk7i044m5cofpd7t; expires=Thu, 14-Nov-2024 18:14:00 GMT; Max-Age=7200; path=/; HttpOnly
< Pragma: no-cache
< Content-Disposition: attachment; filename="XLJ166400.pdf"
< Expires: 0
< Content-Transfer-Encoding: binary
< Cache-Control: private, no-transform, no-store, must-revalidate
  1. Cloudflare:
< HTTP/2 200 
< date: Thu, 14 Nov 2024 16:24:12 GMT
< content-type: application/octet-stream
< content-length: 0
< x-powered-by: PHP/5.5.9-1ubuntu4.13
< x-xss-protection: 1
< x-frame-options: SAMEORIGIN
< set-cookie: app_session=60u63llq82256e20tu14hk2j02e4dm3o; expires=Thu, 14-Nov-2024 18:24:09 GMT; Max-Age=7200; path=/; HttpOnly
< pragma: no-cache
< content-disposition: attachment; filename="XLJ166400.pdf"
< expires: 0
< content-transfer-encoding: binary
< cache-control: private, no-transform, no-store, must-revalidate
< cf-cache-status: DYNAMIC
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hn53wRU0LItHhlCHhrbOpaU%2F0Mxt0nI3grQOXqmg9b%2FoCj8LiWpL%2FLGueROdrDtyfozGa5TSckqPSjg7ZUBtuM6ZTjkCFDNR1RhfZZGcQUWJytz4uqtfkRnxz8Id9ROfTJh2ls8k04c6AY%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 8e28599fcb29d6af-IAD
< alt-svc: h3=":443"; ma=86400

Take a look at Files can not be downloaded - #18 by PresTeamShop for a potential solution, but chances are you need to fix this directly in your PHP application.

thanks for the advise, it is most appreciated

1 Like