When you access files in Object Storage Service (OSS) using a browser, your browser might force a download instead of displaying an online preview. This topic helps you quickly identify the cause and configure the correct preview behavior.
Troubleshoot the issue
If a file is forced to download, you can use the curl command to check the response header of the file's URL. This lets you quickly identify the root cause.
Goal: To check the response header for specific fields that force a download.
Procedure: Open the terminal or command line interface on your computer and run the following command. Replace <your file URL> with the actual URL of the file.
curl -I "<your file URL>"Analyze the results: After you run the command, check the x-oss-force-download and Content-Disposition fields in the response header.
If the response header contains
x-oss-force-download: true: An OSS security policy for default domain names was triggered. For the solution, see Scenario 1: Forced download due to an OSS security policy.If the response header contains
Content-Disposition: attachmentbut notx-oss-force-download: The file's metadata is set for attachment download. For the solution, see Scenario 2: Forced download due to file metadata settings.If the response header does not contain either of these fields but the file still downloads: The browser probably cannot recognize the file type. For the solution, see Scenario 3: Browser cannot preview the file due to an incorrect Content-Type.
Solutions
Scenario 1: Forced download due to an OSS security policy
This scenario occurs when the response header contains x-oss-force-download: true.
Cause: To prevent security risks that can occur when files, such as HTML files, are executed directly in a browser, OSS forces a download. This behavior occurs when you use an OSS default domain name or an acceleration endpoint to access a bucket created after a specific date. For certain regions and file types, OSS adds the
x-oss-force-download: trueandContent-Disposition: attachmentresponse headers.For more information about the policies, see Appendix: Quick reference for OSS domain name forced download rules at the end of this topic.
Solution: Use a custom domain name to access OSS resources
Procedure:
Attach a custom domain name to the bucket: Log on to the OSS console. On the Domain Names page for the target bucket, attach your custom domain name that has an ICP filing.
Configure CNAME resolution: Go to your domain name resolution service provider, such as Alibaba Cloud DNS. Add a CNAME record for your custom domain name that points to the CNAME address provided by OSS.
Access the file with the new domain name: After the configuration is complete, use the URL of your custom domain name to access the file. This allows the file to be previewed online.
If you require global access acceleration, you can attach your custom domain name to an acceleration endpoint. This bypasses the forced download policy and improves performance.
For more information, see Access OSS through a custom domain name.
Scenario 2: Forced download due to file metadata settings
This scenario occurs when the response header contains Content-Disposition: attachment but not the x-oss-force-download field.
Cause: The
Content-Dispositionfield in the file's metadata is explicitly set toattachment. This setting tells the browser to download the file as an attachment instead of displaying it inline. This setting is often used for temporary download links. If the setting is not cleared, all subsequent attempts to access the file trigger a download.Solution: Change the file's
Content-Dispositionmetadata toinlineModify in the console
Log on to the OSS console. Go to the page of the target bucket.
Find the target object. In the Actions column, choose .
In the dialog box that appears, find the
Content-Dispositionfield and change its value toinline.Click OK to save the settings.
Modify in batches using ossutil
# Set the Content-Disposition of a specific file to inline ossutil set-meta oss://your-bucket/your-object.pdf Content-Disposition:inline
Scenario 3: Browser cannot preview the file due to an incorrect Content-Type
This scenario occurs when the response header is normal, but the browser still downloads the file.
Cause: The file's
Content-Type(also known as a Multipurpose Internet Mail Extensions (MIME) type) metadata is incorrect or missing. For example, if a JPG image file'sContent-Typeis incorrectly set toapplication/octet-stream, the browser downloads the file because it cannot identify the file type.Solution: Set the correct
Content-Typefor the fileModify in the console
Log on to the OSS console. Go to the page of the target bucket.
Find the target object. In the Actions column, choose .
In the dialog box that appears, find the
Content-Typefield and change it to the correct value.Click OK to save the settings.
Examples of correct Content-Type for common file types:
Images:
image/jpeg,image/png,image/gif,image/webpVideos:
video/mp4PDF documents:
application/pdfHTML files:
text/htmlPlain text:
text/plain
Modify in batches using ossutil
# Set the Content-Type of a specific file to image/jpeg ossutil set-meta oss://your-bucket/your-object.jpg Content-Type:image/jpeg
More scenarios and solutions
Changes to metadata do not take effect: Check the CDN cache
If you use Alibaba Cloud Content Delivery Network (CDN) to accelerate access to OSS, changes to file metadata, such as Content-Type or Content-Disposition, may not take effect immediately. This is because CDN points of presence (PoPs) might still serve the cached version with the old configuration.
Solution: Log on to the CDN console and purge the cache for the modified file's URL. For more information, see Refresh and prefetch resources.
How to force a file to download instead of being previewed
If you want to always force a download when a user accesses a file, you can use one of the following methods.
Method 1 (Recommended): Configure in OSS. As described in Scenario 2, set the file's
Content-Dispositionmetadata toattachment. This method is ideal for applying a permanent setting to a single file.Method 2: Configure in CDN. If you use CDN, you can add the
Content-Disposition: attachmentheader in the CDN console. You can configure this as an outbound response header in the Cache Settings. This method does not require changes to the source file in OSS and is useful for flexible, batch configurations based on specific paths or file types.
The browser does not support previewing the file format
Mainstream browsers do not support online previews for some professional file formats, such as .psd, .ai, and .sketch. In this case, the browser downloads the file even if the OSS and CDN configurations are correct.
Solution: You can install a browser extension that supports previewing the file format. You can also use a professional document preview service, such as WebOffice Online Preview.
Appendix: Quick reference for OSS domain name forced download rules
If a file is forced to download, check the value of the x-oss-ec field in the HTTP response header. Then, you can use the following tables to identify the cause.
Error code (x-oss-ec): The unique ID of the rule that caused the download.
Bucket creation time: When you use a default domain name, the policy typically applies only to buckets created after this time. Legacy buckets created before this time are usually not affected.
Transfer acceleration enabling time: After you enable transfer acceleration, the policy typically applies only to buckets for which transfer acceleration is enabled after this time. Buckets for which transfer acceleration was enabled before this time are usually not affected.
You can bypass all forced download rules using a custom domain name.
OSS default domain names
When the policy takes effect | Bucket region | Affected objects | Affected file types | Error code |
08:00, September 28, 2018 | China (Hangzhou), China (Shanghai), China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Shenzhen), China (Chengdu) | Buckets created after the effective time | text/html | |
12:00, September 25, 2019 | China (Nanjing - Local Region - Phasing Out) China (Ulanqab), China (Heyuan), China (Guangzhou), US (Silicon Valley), US (Virginia), South Korea (Seoul), Singapore, Malaysia (Kuala Lumpur), Indonesia (Jakarta), Philippines (Manila), Thailand (Bangkok), UK (London), UAE (Dubai) | Buckets created after the effective time | text/html | |
14:00, November 25, 2019 | China (Hong Kong) | Buckets created after the effective time | text/html | |
17:00, September 23, 2019 | China (Hohhot) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
11:00, September 24, 2019 | China (Qingdao), China (Chengdu) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
17:00, September 24, 2019 | China (Zhangjiakou) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
17:00, September 29, 2019 | China (Shanghai), China (Shenzhen) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
18:00, September 29, 2019 | China (Beijing) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
15:00, September 30, 2019 | China (Hangzhou) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic, text/html | |
00:00, October 09, 2022 | Buckets created by users who enabled OSS for the first time after 00:00 on October 9, 2022 | |||
10:00, December 22, 2025 | China (Ulanqab), China (Heyuan), China (Guangzhou), China (Nanjing - Local Region - Phasing Out) | Buckets created after the effective time | image/jpeg, image/gif, image/tiff, image/png, image/webp, image/svg+xml, image/bmp, image/x-ms-bmp, image/x-cmu-raster, image/exr, image/x-icon, image/heic |
Acceleration endpoints
Effective time | Bucket region | Affected objects | Affected file types | Error code |
00:00, December 31, 2020 | Buckets for which transfer acceleration is enabled after the effective time | text/html | ||
12:00, January 07, 2021 | UAE (Dubai) | Buckets for which transfer acceleration is enabled after the effective time | ||
18:00, January 07, 2021 | Malaysia (Kuala Lumpur), UK (London) | Buckets for which transfer acceleration is enabled after the effective time | ||
18:00, January 08, 2021 | Japan (Tokyo), Indonesia (Jakarta), Germany (Frankfurt) | Buckets for which transfer acceleration is enabled after the effective time | ||
12:00, January 14, 2021 | US (Silicon Valley), US (Virginia), Singapore | Buckets for which transfer acceleration is enabled after the effective time | ||
00:00, January 16, 2021 | China (Hong Kong) | Buckets for which transfer acceleration is enabled after the effective time | ||
00:00, October 09, 2022 | Buckets created by users who enabled OSS for the first time after 00:00 on October 9, 2022 | |||
00:00, February 01, 2023 | South Korea (Seoul), Philippines (Manila), Thailand (Bangkok) | Buckets for which transfer acceleration is enabled after the effective time |