Change COMBINE archives to be downloaded rather than redirected to

[jonrkarr]

The UI can't facilitate the downloading of COMBINE archives due to this security issue (runBioSimulations runs over HTTPs, but the download runs over HTTP).

Mixed Content: The site at 'https://run.biosimulations.dev/' was loaded over a secure connection, but the file
at 'http://biosimdevbucket.cam.uchc.edu/s3/temp/createdCombineArchive/34a1029e-02cb-45b9-ac89-0d82ab3d7199'
was redirected through an insecure connection. This file should be served over HTTPS. This download has
been blocked. See https://blog.chromium.org/2020/02/protecting-users-from-insecure.html for more details.

Steps to reproduce:

• Open https://run.biosimulations.dev/create?modelUrl=https:%2F%2Fraw.githubusercontent.com%2Fbiosimulators%2FBiosimulators_utils%2Fdev%2Ftests%2Ffixtures%2FBIOMD0000000075.xml&modelFormat=format_2585&modelingFramework=SBO_0000293&simulationType=SedUniformTimeCourseSimulation&simulationAlgorithm=KISAO_0000019
• Entire time course parameters, e.g.
  • Initial time: 0
  • End time: 10
  • Output start time: 0
  • Number of steps: 10
• Click "Download"

If the data will be available by HTTPS shortly, this issue will resolve itself. Otherwise, we need to figure out a different way to download these files.

[bilalshaikh42]

A temporary solution is to redirect the users to the URL rather than have the UI trigger the download. We should have https working shortly

On Tue, Apr 13, 2021 at 5:05 PM Jonathan Karr @.***> wrote:

Assigned #2435 https://github.com/biosimulations/Biosimulations/issues/2435 to @bilalshaikh42 https://github.com/bilalshaikh42.

— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/biosimulations/Biosimulations/issues/2435#event-4590276231, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHX4FIHZ25673BZHZOPFQRLTISWZZANCNFSM424CU7CQ .

[jonrkarr]

I temporarily changed this to redirection. This should be changed back once HTTPS is enabled so that the UI can make sure the file is downloaded with a more informative named e.g., archive.omex rather than {id}.zip.

[bilalshaikh42]

@jonrkarr I don't remember where exactly this was. The download functionality seems to be working fine. Can we close?

[jonrkarr]

Here's the relevant piece which I believe can be simplified now:

https://github.com/biosimulations/Biosimulations/blob/dev/apps/dispatch/src/app/components/create-simulation-project/create-simulation-project/create-simulation-project.component.ts#L1803

[biosimulations-daemon]

:tada: This issue has been resolved in version 2.2.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: