- From: Lou Montulli <montulli@netscape.com>
- Date: Fri, 08 Nov 1996 11:05:40 -0800
- To: MegaZone <megazone@livingston.com>
- Cc: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
MegaZone wrote:
>
> I've noticed more and more software vendors using CGI applications to allow
> users to download software. Unfortuately at this time there isn't a way
> to tell user-agents to save the code under a name other than the script name.
> This problematic especially when there is more than one selection on a form.
>
> I would like to suggest a new header for HTTP/1.1:
> Save-As:
>
> A CGI application could return this header with a file name (and possibly
> path, although that has security implications - Save-As: /etc/passwd for
> instance. Though it would fail on a well maintained system, it is still a
> risk) which would be used by the user agent instead of the script name for
> saving.
>
> I would have a number of uses for this tag, and I've seen numerous sites
> that have the same aplication. I think this would be a very useful addition.
>
There is a solution that should already serve your purpose.
The Content-disposition header can contain a "filename"
parameter for naming a file. When the Navigator sees this
parameter it will use it as a default filename for saving.
The following use should work when returned from a CGI script:
Content-disposition: file; filename=foo.exe
The Navigator only uses the filename parameter, everything
else in the header is currently ignored.
The Content-disposition header is also used in HTTP file upload
and is documented in Larry Masinter's RFC on file upload.
:lou
--
Lou Montulli http://www.netscape.com/people/montulli/
Netscape Communications Corp.
Received on Friday, 8 November 1996 11:19:58 UTC