[whatwg] Forcing a download
jonas at sicking.cc
Fri Jul 22 14:03:12 PDT 2011
On Thu, Jul 21, 2011 at 11:58 PM, Ian Hickson <ian at hixie.ch> wrote:
> Is there any reason to use CORS here at all? It seems like the simpler
> solution would be the following:
> - If download="" is set, then by default trigger a download rather than a
> navigation action. (User can override via context menu.)
> - Pick a filename for the download as follows:
> - if the received resource has a Content-Disposition: attachment header
> that specifies a filename, use that.
> - otherwise, if the received resource has a Content-Disposition header
> that specifies a filename, and the resource is same-origin, use that
> - otherwise, if the received resource is same-origin and the
> download="" attribute specifies a filename, use that.
> - otherwise, if the received resource has a Content-Disposition:
> attachment header and the download="" attribute specifies a filename,
> use the filename from the attribute.
> - otherwise, if the received resource is same-origin then derive a
> filename from the resource.
> - otherwise, either abort or alert the user that a file is being
> downloaded from a different origin and prompt for a filename.
> - If a mapping from the MIME type to an extension is known, but the
> filename doesn't have that extension, add it.
> This is what I've used for now (modulo some allowances for user
> interfaces), but I welcome suggests for changing this.
The "otherwise, either abort or alert the user that a file is being
downloaded from a different origin and prompt for a filename" step
seems to allow to *very* different browser behaviors, resulting in a
site working in one browser, but not in another.
I'm still trying to find a date when we can do a security review about
this in mozilla though. It still does seem very strange to me that a
bank site which sends "cache-control: no-store" for a resource in
order to prevent it from being temporarily stored on the users hard
drive, can still end up being *permanently* stored on a users hard
drive. All that's needed is for the user to click a 'yes' button on a
download dialog while watching a seemingly harmless site.
More information about the whatwg