470,641 Members | 2,453 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,641 developers. It's quick & easy.

Automatic Download of Files using application/save on Windows XP SP2 Browsers

Hey, everyone.
For the past two years, we have offered files for download through a
secure website. Users, after clicking on a link, are redirected to a
PHP page that passes the appropriate header information to the user
and inquires if that user wishes to download the file.

A sample of that code is below:

header('Content-Type: application/save');
header('Content-Disposition:attachment; filename="'.$file_path .'"');
header('Content-Transfer-Encoding: binary');
header('Content-length: ' . filesize($full_file_path));
readfile($full_file_path);

However, with the enhanced security now available in Windows XP SP2,
users are no longer prompted to download the file. In fact, Windows
XP SP2 not only suppresses the download but will not even present the
end user with an option to download the file. Has anyone else
encountered this type of situation? If so, is there a programmtic
solution to, at the very least, prompt the user to download the file
without requiring the user include the website as one of his/her
trusted websites.

Thanks,
Chris
Jul 17 '05 #1
2 4297
Chris Lobdell wrote:

[ ... ]
header('Content-Type: application/save');
Sending application/save is not appropriate; using non-
registered media types is discouraged by the spec which,
given the information you provided, you're otherwise
adhering to. If you must make them up, prefix 'x-'. Why
make them up?
header('Content-Disposition:attachment; filename="'.$file_path .'"');
I'm not convinced if C-D:attachment has a place on the WWW.
Is it the provider's job to indicate that the presentation
of a resource be 'contingent upon some further action of the
user' (RFC2183 sec. 2.2)? I don't see much point in either
the inline or attachment disposition types. Perhaps an
undefined disposition type together with a filename
parameter have some use though.
header('Content-Transfer-Encoding: binary');
Now I'm thinking this isn't for the WWW, because RFC2616
doesn't define a CTE header. What did you mean by this?
header('Content-length: ' . filesize($full_file_path));
readfile($full_file_path);

However, with the enhanced security now available in Windows XP SP2,
users are no longer prompted to download the file. In fact, Windows
XP SP2 not only suppresses the download but will not even present the
end user with an option to download the file. Has anyone else
encountered this type of situation? If so, is there a programmtic
solution to, at the very least, prompt the user to download the file
without requiring the user include the website as one of his/her
trusted websites.


Stop prompting. What made you want to prompt anyway?

--
Jock
Jul 17 '05 #2
I'm having the same problem. Nothing happens after initiating download.
Here's the code:

<?php
if (isset($file)) {
$len = filesize($file);
$filename = basename($file)

//Begin writing headers
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Type: application/pdf");
header("Content-Disposition: attachment; filename=$filename");
header("Content-Transfer-Encoding: binary");
$fh = readfile("$filename");
fpassthru($fh);
exit;
}
?>

to see it in action (or rather inaction) go to:
http://www.chachasupermarket.com/contact.php

hover over products and click on Cataloque Download
Apr 30 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

4 posts views Thread by kingofkolt | last post: by
2 posts views Thread by Michael Foord | last post: by
19 posts views Thread by Mel | last post: by
4 posts views Thread by Kevin Muenzler, WB5RUE | last post: by
4 posts views Thread by sunilj20 | last post: by
6 posts views Thread by Mike Saunders | last post: by
12 posts views Thread by Bob Bedford | last post: by
???
1 post views Thread by Stoney L | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.