Automatically downloaded safari.jsp file. What is it?

Sounds like poorly-coded web sites. A .jsp file is supposed to be code that runs on the web server and returns HTML code to your browser. You should never actually see the .jsp file if the server is functioning correctly.

This just happened to me -for the first time ever. Worse yet is that TextWrangler was immediately opened. I shut it down immediately and deleted the file, but this is very very worrisome.

Thats a JavaServer Pages file, maybe from a page that used JSP code Safari did not understand and somehow forced Safari to store it. It is really just a suggestion, but there are actually many users experiencing the same problem, it does not seem to be a hacking intent, rather likely a Safari problem.

Thats a JavaServer Pages file, maybe from a page that used JSP code Safari did not understand

As I said above, JSP code is executed on the server, not in the browser, so the user should never see it. It's definitely not a Safari problem, it's a server problem.

it does not seem to be a hacking intent

Unless you've got a web server capable of executing JSP code running on your machine, there's no way it could possibly be meant to hack you. (I'm pretty sure the built-in web server that can be turned on via web sharing does not support JSP.) This would be a pretty lame hack, since there are probably very few people who could actually run it on their personal machines!

It is almost definitely a problem on the user end. This started happening to me right after I updated to 10.6.6. I am visiting the same websites I have always visited and I have never had this happen before. It is also happening somewhat frequently. I would say this isn't as much a security risk as it is an annoyance that I hope is remedied soon. Safari would download a file named safari.jsp from some websites and open it with my citrix client. When I uninstalled my citrix client it started opening in Textedit.

Exact same thing happening to me. EXTREMELY annoying with 5-10 jsp files a day. Anyone have a fix?

As has already been said, .jsp files are +executed on the server+ and not transmitted to the client as .jsp files. In other words, the .jsp file runs on the server and generates some - if not all - of the HTML code that is then sent to your browser. If, instead, the raw .jsp source files are being saved to your hard drive, that is a server issue... and potentially a very serious security issue for the site involved, since their .jsp source code is being accessed, potentially revealing MySQL database passwords or other information that should never be seen by the client.

Mr. Reed:

I believe what you say. However, it does not make it any less true that numerous websites cause Safari to download a .jsp file to my computer and that subsequently tries to be open by my Citrix program. These files are named "safari.jsp". They are of zero size. I have opened them with Text Edit and they contain nothing. Other than telling me it is not happening, do you have any other suggestions?

Other than telling me it is not happening

Where did I say that?

do you have any other suggestions?

I'd guess contact the makers of Citrix. It can't be coincidence that it has been implicated here by two people with this issue.

Edit: you also might want to be more specific about what the "numerous" sites are that you're seeing this problem with.

This is from the Get Info window of the files that are currently in my Download folder. I will post as I collect others. Thanks


http://chicago_cbslocal.us.intellitxt.com/safari.jsp?x=1&t=1295462149545, http://chicago_cbslocal.us.intellitxt.com/safari.jsp?t=1295462149435
http://foxtv2.us.intellitxt.com/safari.jsp?x=1&t=1295619904885, http://foxtv2.us.intellitxt.com/safari.jsp?t=1295619904714
http://theindychannel.us.intellitxt.com/safari.jsp?x=1&t=1295713241000, http://theindychannel.us.intellitxt.com/safari.jsp?t=1295713240840
http://contactmusic.uk.intellitxt.com/safari.jsp?x=1&t=1295471992009, http://contactmusic.uk.intellitxt.com/safari.jsp?t=1295471991724
http://wwtdd.us.intellitxt.com/safari.jsp?x=1&t=1295464465055, http://wwtdd.us.intellitxt.com/safari.jsp?t=1295464464507
http://nationalreview.us.intellitxt.com/safari.jsp?x=1&t=1295613807330, http://nationalreview.us.intellitxt.com/safari.jsp?t=1295613807173
http://ntcompatible.us.intellitxt.com/safari.jsp?x=1&t=1296061885427, http://ntcompatible.us.intellitxt.com/safari.jsp?t=1296061885273
http://theindychannel.us.intellitxt.com/safari.jsp?x=1&t=1296127724556, http://theindychannel.us.intellitxt.com/safari.jsp?t=1296127724483
http://slashphone.us.intellitxt.com/safari.jsp?x=1&t=1296056076651, http://slashphone.us.intellitxt.com/safari.jsp?t=1296056076173
http://newyork.cbslocal.us.intellitxt.com/safari.jsp?x=1&t=1295998418669, http://newyork.cbslocal.us.intellitxt.com/safari.jsp?t=1295998418634

It's a server problem, as I said. None of those sites (at least, a reasonable random sampling of them) will load at all for me, in either Safari or Firefox. (They do not download zero-byte .jsp files, they simply show as completely blank pages.) The servers' JSP code is broken, and your machine has probably been set by Citrix to do something special with these, which is why you're seeing a download instead of a blank page.

Just to confirm that I, too, am getting these "safari.jsp" downloads regularly since the last Safair update. They seem to be coming from new websites. Very annoying....

exact same problem here too

I have been having this problem also. It is recent, seems random, though it has popped up on sites like MSNBC.

Try downloading the latest version of Citrix. I have done so and, for the moment, these have gone away.

Message was edited by: ppakoe