diff --git a/web/index.php b/web/index.php
index d93b46e23..4cc7cf75c 100644
--- a/web/index.php
+++ b/web/index.php
@@ -200,7 +200,7 @@ isset($view) || $view = NULL;
 isset($request) || $request = NULL;
 isset($action) || $action = NULL;
 
-if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $view != 'video' && $request != 'control' && $view != 'frames' && $view != 'archive' ) {
+if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $request != 'control' && $view != 'frames' && $view != 'archive' ) {
   require_once( 'includes/csrf/csrf-magic.php' );
   #Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\"");
   csrf_check();
diff --git a/web/skins/classic/views/video.php b/web/skins/classic/views/video.php
index 6a111fed3..2a6a41424 100644
--- a/web/skins/classic/views/video.php
+++ b/web/skins/classic/views/video.php
@@ -82,6 +82,8 @@ if ( isset($_REQUEST['deleteIndex']) ) {
 }
 
 if ( isset($_REQUEST['downloadIndex']) ) {
+  // can't be output buffering, as this file might be large
+  ob_end_clean();
   $downloadIndex = validInt($_REQUEST['downloadIndex']);
   header('Pragma: public');
   header('Expires: 0');