By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,773 Members | 1,778 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,773 IT Pros & Developers. It's quick & easy.

Automatic Download of Files using application/save on Windows XP SP2 Browsers

P: n/a
Hey, everyone.
For the past two years, we have offered files for download through a
secure website. Users, after clicking on a link, are redirected to a
PHP page that passes the appropriate header information to the user
and inquires if that user wishes to download the file.

A sample of that code is below:

header('Content-Type: application/save');
header('Content-Disposition:attachment; filename="'.$file_path .'"');
header('Content-Transfer-Encoding: binary');
header('Content-length: ' . filesize($full_file_path));
readfile($full_file_path);

However, with the enhanced security now available in Windows XP SP2,
users are no longer prompted to download the file. In fact, Windows
XP SP2 not only suppresses the download but will not even present the
end user with an option to download the file. Has anyone else
encountered this type of situation? If so, is there a programmtic
solution to, at the very least, prompt the user to download the file
without requiring the user include the website as one of his/her
trusted websites.

Thanks,
Chris
Jul 17 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
Chris Lobdell wrote:

[ ... ]
header('Content-Type: application/save');
Sending application/save is not appropriate; using non-
registered media types is discouraged by the spec which,
given the information you provided, you're otherwise
adhering to. If you must make them up, prefix 'x-'. Why
make them up?
header('Content-Disposition:attachment; filename="'.$file_path .'"');
I'm not convinced if C-D:attachment has a place on the WWW.
Is it the provider's job to indicate that the presentation
of a resource be 'contingent upon some further action of the
user' (RFC2183 sec. 2.2)? I don't see much point in either
the inline or attachment disposition types. Perhaps an
undefined disposition type together with a filename
parameter have some use though.
header('Content-Transfer-Encoding: binary');
Now I'm thinking this isn't for the WWW, because RFC2616
doesn't define a CTE header. What did you mean by this?
header('Content-length: ' . filesize($full_file_path));
readfile($full_file_path);

However, with the enhanced security now available in Windows XP SP2,
users are no longer prompted to download the file. In fact, Windows
XP SP2 not only suppresses the download but will not even present the
end user with an option to download the file. Has anyone else
encountered this type of situation? If so, is there a programmtic
solution to, at the very least, prompt the user to download the file
without requiring the user include the website as one of his/her
trusted websites.


Stop prompting. What made you want to prompt anyway?

--
Jock
Jul 17 '05 #2

P: 1
I'm having the same problem. Nothing happens after initiating download.
Here's the code:

<?php
if (isset($file)) {
$len = filesize($file);
$filename = basename($file)

//Begin writing headers
header("Pragma: public");
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Type: application/pdf");
header("Content-Disposition: attachment; filename=$filename");
header("Content-Transfer-Encoding: binary");
$fh = readfile("$filename");
fpassthru($fh);
exit;
}
?>

to see it in action (or rather inaction) go to:
http://www.chachasupermarket.com/contact.php

hover over products and click on Cataloque Download
Apr 30 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.