BestHub
Sign in
Tagged articles
5 articles
Page 1 of 1
Java Architecture Diary
Java Architecture Diary
Jun 16, 2025 · Information Security

Why Spring Framework’s RFD Bug Lets Attackers Download Malicious Files—and How to Patch It

Spring’s latest security advisory reveals a critical Reflection File Download (RFD) vulnerability affecting multiple Spring Framework versions, allowing crafted requests to force users to download malicious files, and provides detailed conditions, unaffected scenarios, version impact, and recommended remediation steps.

RFD vulnerabilitySecurity PatchSpring Boot
0 likes · 5 min read
Why Spring Framework’s RFD Bug Lets Attackers Download Malicious Files—and How to Patch It
MaGe Linux Operations
MaGe Linux Operations
May 3, 2023 · Backend Development

Force File Downloads in NGINX with Simple Header Configurations

Learn how to configure NGINX to force browsers to download files instead of displaying them by adding appropriate Content‑Disposition headers, handling various file types, using regex locations, and reloading the server for the changes to take effect.

BackendConfigurationFile Download
0 likes · 4 min read
Force File Downloads in NGINX with Simple Header Configurations
21CTO
21CTO
Aug 17, 2019 · Backend Development

How to Force File Download with Correct Filename Encoding Across Browsers

This article explains why forcing a download dialog while preserving the original (possibly non‑ASCII) filename requires special handling of the Content‑Disposition header, reviews relevant RFCs, compares browser behaviours, and provides a standards‑compliant solution using RFC 5987 encoding.

File DownloadHTTPRFC 5987
0 likes · 11 min read
How to Force File Download with Correct Filename Encoding Across Browsers