1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Expanding Tomato HTTPd to allow HTTPS downloads

Discussion in 'Tomato Firmware' started by MonkeyBoy27, Apr 20, 2009.

  1. MonkeyBoy27

    MonkeyBoy27 Addicted to LI Member

    I'm trying to expand the capbilities of the web server to enable me to download files from the jffs mount. I've followed the method at:


    (didnt want to add a post to this thread, its 2+ years old, so starting a new one)

    Following this method, of placing a filename.bin file in /jffs, then creating a link in /var/wwwext, and downloading via http://router/ext/filename.bin works fine, but it only seems to work for HTTP, not HTTPS. HTTPS gives a file not found error.

    As I need to use this for remote access, is anyone aware of a way to enable this to work with HTTPS, as using HTTP only will broadcast the router password in plaintext, not good when using public wi-fi hotspots

    Any help appreciated, thanks.
  2. fyellin

    fyellin LI Guru Member

    Interesting. Works just fine for me, using either http or https.

    My browser isn't happy about the bogus SSL certificate that tomato is offering me, but once I tell it that that certificate is fine, it happily reads publicly-readable soft-linked stuff in /var/wwwext.
  3. fyellin

    fyellin LI Guru Member

    You are right to be concerned about HTTP.

    As an alternative, if you are as paranoid as I am, you might consider using OpenVPN or ssh (configured to use an RSA token) instead. They can be configured so that only laptops that have been pre-loaded with certain configuration files can access the router from outside.
  4. MonkeyBoy27

    MonkeyBoy27 Addicted to LI Member

    Hi Fyellin

    Thanks for testing this, as you'd got it working this indicated a browser issue to me. As I was using IE, I tried with Firefox, and confirmed it works. Apparently, it will also work with all other non IE browsers, its an esoteric issue when IE tries to open a link with a file extension it doenst know, via SSL (I'd been trying to open a .bin file, to trigger a download)

    Details of the issue: http://drupal.org/node/18565
    Microsoft KB: http://support.microsoft.com/kb/316431

    As per the KB, this fault will not happen if using a file type that IE recognises. I kept the filename as file.bin, but changed the name of the link to file.gif instead of file.bin. This works, so now https://router/ext/file.gif triggers a "save as" in IE, and actually downloads the file with the correct filename and .bin extension.

    Only problem with this technique is that it then breaks Firefox, as Firefox just reports that the .gif file is corrupted! :frown:

    So the solution appears to be to create two links, both pointing to the file you wish to download. Call one file.gif and use this with IE, and the other file.bin and use this with other browsers. Not elegant, but it works.

    Thanks again for testing it and pointing me in the right direction :thumbup:

Share This Page