Unsetting Response Headers in an Apache Reverse Proxy Configuration When Serving PDF to Internet Explorer

Yuck. IE. Sometimes, we just need to suck it up and support IE even if it goes against everything we believe in. It's well known that IE has a problem downloading PDFs over HTTPS when certain cache control headers are sent in the response.

See Microsoft's own support site for this one: http://support.microsoft.com/kb/812935

The workaround for a developer is to make those headers disappear. There are several ways you can do this.

  1. In your application, don't set them
  2. In your Web server, unset them.

Usually, the better approach is to configure your Web server to unset the header site-wide since the origin of the PDF behind your server is inconsequential. Removing them at the server level makes serving PDFs to all browsers work.

Unset Headers in Standard Apache Configuration

If you are using Apache in a standard way to front your application or site you can identify PDF requests using the Files directive.

<Files ~ \.pdf$>
   Header unset Cache-Control
   Header unset Pragma
</Files>

You should place this in the <VirtualHost *:443> section since this is a problem related only to serving over HTTP.

Unset Headers in Reverse Proxy Configuration

If you are using Apache as a reverse proxy and your PDFs are not on the filesystem relative to the site root, then you need to match the PDFs differently. In this case, you need to use a Location directive since the Files directive is used to match unproxied files.

<Location ~ \.pdf$>
   Header unset Cache-Control
   Header unset Pragma
 </Location>

Again, this should be placed in the <VirtualHost *:443> section.