Improvement to the used cURL command

[jpawlowski]

Hi Oliver,

extremely nice project, my sincere appreciation! 👏🏻
Love it.

Just one little detail I have noticed:
I think the cURL command on the home page should use the -L parameter like this:

cd %tmp%
curl -L -o ap.exe ap.example.com & ap apserver.example.com

Otherwise, the download might contain HTML content about the 302 redirect notice and the file will not be executable.
You could also use the explicit https URL for the executable file download of course:

cd %tmp%
curl -o ap.exe https://ap.example.com & ap apserver.example.com

Each of it is a bit more to type for the user, but it won't give any errors anymore. 😃

Cheers,
Julian

[okieselbach]

I know the parameter -L for following redirects, but from my experience, if you implement it in the way that it is in the root of your published domain it is working really fine. So, the idea was going for max. convenience for a user. I reduce the command to type a min. set. The issue with the -L is, it needs to be uppercase otherwise it is a different parameter, so another caveat during typing. Users do not always pay attention. So, my idea was to get it right from the server side and provide a proper download endpoint so the command can be max. simplified and failure prone.

[okieselbach]

btw, many thanks for the kudos 🙏 and of course feel free to communicate the command differently to your users. I might consider an overwrite variable for the next version. With that you can overwrite the complete command with your own one.

[jpawlowski]

I know the parameter -L for following redirects, but from my experience, if you implement it in the way that it is in the root of your published domain it is working absolutely fine.

That's exactly what I did which is why the file is delivered directly when using HTTPS.
It appears to me that the way you describe it, you might have configured the storage account to allow unencrypted content using HTTP only because this is what cURL does by default in this case.

Maybe it is worth checking this once more just to be on the safe side and nobody in the middle can tamper with the ap.exe file.

I think a long time ago, storage accounts had a default setting to allow unencrypted downloads, not sure when this changed.

I could be totally wrong here, it is just that I had to change it that way to make it work with HTTPS transport security that I want.

[okieselbach]

True at the time of writing the article I think https wasn't the default. Might be something to actually consider in the meantime. Thanks for bringing this to attention.