I have a web service that I use to serve download links. For security reasons, requests are only served if they include a valid token. This token is one-use only. E.G.:

GET https://my.coolwebsite.com/download/file.jpg?token=MY_ONE_TIME_USE_TOKEN

HTTP/1.1 200 OK
Date: Tue, 23 Dec 2014 10:37:02 GMT
Content-Type: image/jpeg
Content-Disposition: attachment; filename=file.jpg

[JPEG BYTES]

If I visit the url of this web service in a desktop Chrome window, it works fine. However, it seems that on mobile, Chrome sends a GET request to the url, detects the response isn't text/html, and then makes a second GET request to the url in order to download it. This of course doesn't work, as the token is invalidated after the first request.

Any solutions to this problem would be much appreciated!

Related posts

Recent Viewed