[whatwg] "Content-Disposition" property for <a> tags

Eduard Pascual herenvardo at gmail.com
Fri Jun 3 05:58:48 PDT 2011


On Fri, Jun 3, 2011 at 2:09 PM, Nils Dagsson Moskopp
<nils at dieweltistgarnichtso.net> wrote:
> Eduard Pascual <herenvardo at gmail.com> schrieb am Fri, 3 Jun 2011
> 10:23:25 +0200:
>
>> This grants the ability for any content provider to use an explicit
>> "Content-Disposition: inline" HTTP header to effectively block
>> "download links" from arbitrary sources.
>
> … thus placing a burden on content providers. If browser makers think
> content providers cannot even get their MIME types right (see image /
> video sniffing discussion), what makes you think anyone would configure
> headers for no immediate benefit?

Nothing. That's the beauty of putting a clear order of precedence: if
a host doesn't care how their content is delivered when reached
through a third party, then of course there is no need or reason to
add an explicit Content-Disposition header.
The explicit header would help those providers who want/need some
degree of control on how they serve their content.

Of course, a content provider can mess things up. And a page author
can as well. So I don't see why this would have any weight on choosing
the precedence between the HTTP header and the one given on the link.

My post was entirely about the precedence between the two sources of
the header, when they conflict. I think is obvious enough that the
provider of a resource should be given more weight than a third party
referencing to it. Either of the sides can still leave things to
whatever default could apply to each case if they don't care; but if
both care, and they conflict, the provider of the resource should have
the final say over whatever the third party may be requesting.

At the end of it, the user has always the ability to save a resource
that was rendered within the browser, and to try and open on the
browser one that was downloaded. And the browser has also a say: even
if a "Content-Disposition: inline" is given by both the HTTP host and
the link, but the browser has no way to render it, it will still show
up a download dialog or similar UI.
Content-Disposition is generally honored, but ultimatelly it's just a
hint; and the only thing I'm trying to clarify is that such hint
should be given more weigth when it comes from a source closer to the
resource it applies to (the server hosting it).

On a side note, if a link points to a resource on the same origin and
its content-disposition conflicts with that of the HTTP response, I
don't care too much which one is honored: the setup is wrong to begin
with and, as a content author and application developer who takes care
on correctness and throughout testing, I'm not too much concerned on
how blatantly erroneous content is handled (I simply put enough care
to not author such content).

Regards,
Eduard Pascual



More information about the whatwg mailing list