Downloading restricted bitstreams does not work when opening a new tab/window #1809
Labels
authorization
related to authorization, permissions or groups
bug
claimed: Atmire
Atmire team is working on this issue & will contribute back
e/30
high priority
Milestone
Describe the bug
This issue was previously described in #924, but has reappeared (or perhaps was never fully solved)
When attempting to download an access restricted bitstream in a new tab/window, you will ALWAYS see a 401 "Whitelabel Error Page". If you look at the backend logs, you'll see something like this (notice the 403 on the /shortlivedtokens endpoint followed by the 401 which is returned to the user)
To Reproduce
This issue appears to ONLY be reproducible on a public, "production" site. It doesn't seem to be reproducible when running the frontend on http://localhost:4000 ... likely because localhost is considered a "trusted IP" so that the above
/shortlivedtoken
request succeeds.However, it is reproducible on https://demo7.dspace.org. It is also possible to reproduce it locally if you run the UI (and backend) behind a public proxy (like https://localtunnel.me) and then access the UI via that proxy URL.
There are several ways to reproduce this error in the UI:
These three issues all appear to be related to the same problem, that it's currently not possible to download restricted bitstreams in a new tab.
Expected behavior
Assuming you have an active authenticated session, it should be possible to download bitstreams in a new tab. We even have code to support this via the
isBlank
flag in thefile-download-link.component.ts
. However, thisisBlank
flag only works for non-restricted bitstreams.Related work
Related directly to DSpace/DSpace#8378 and #1743 . Fixing this bug would likely fix both of those tickets as well.
The text was updated successfully, but these errors were encountered: