Vivaldi is doing the same thing on my Rocky Linux 9 system. On this system, the version of vivaldi is 7.8.3925.76. Firefox on both fedora and rocky linux systems downloads the files with the correct sizes and correct sha256 hashes.
This is a serious problem for vivaldi, which does not download the files from the website correcty -- they have incorrect file sizes and, of course, incorrect sha256 hashes.
I guess I'm back to Firefox (version 145.0) for now.
Testing with other browsers such as Firefox on Android (143.0.4) and Firefox Focus on Android (143.0.4), the downloaded files also show the same sizes as Vivaldi (7.9.3970.45).
It appears more likely to be a configuration issue on the server, and I have notified the website service provider.
For now, it does not appear to be a vivaldi browser-specific problem. It is very strange that Firefox 145.0 handles the download correctly.
Concerning the issue of downloading .tar.gz files from a website using different browsers, the support team from the website service provider replied that this is a browser issue.
I verified that this was indeed the case. When vivaldi downloads a .tar.gz file, it uncompresses it, but keeps the original file name, instead of renaming it as a .tar file. This is bizarre behavior, but it is apparently not the only browser to do this.
I'm thinking the proper way to deal with this issue is to just use curl from the command line e.g.
curl -O https://<serverpath/filename>
to retrieve the file in its raw form and bypass browsers altogether.
Browser decompression is a huge security concern, especially when the packager provides a signature (PGP) or hash (such as NIST-recommended SHA256 hash) for the compressed file. I don't think there's a guaranteed way to verify the signature or hash after decompression.
New Age