Re: Using Content-Encoding and Content-Disposition together from Foteos Macrides on 1997-08-07 (ietf-http-wg@w3.org from July to September 1997)

From: Foteos Macrides <MACRIDES@sci.wfbr.edu>
Date: Wed, 06 Aug 1997 21:49:45 -0500 (EST)
To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Message-Id: <01IM4UKFS3PE006PHS@SCI.WFBR.EDU>

Foteos Macrides <MACRIDES@SCI.WFBR.EDU> wrote:
>koen@win.tue.nl (Koen Holtman) wrote:
>>[...]
>>Well, this is not really a case where we have to agree on what the most
>>correct way is.  19.6.1 documents current practice, it is not
>>normative, so if anything, it should give hints about what to do with
>>current browsers.
>
>	That section references only RFC 1806, which describes the
>"attachment" and "inline" disposition types.  My recollection of
>a long-ago message from Lou is that Netscape based its implementation
>on the file upload RFC's "file" disposition type.  What is the
>appropriate disposition type to use in HTTP Content-Disposition
>headers and META elements, and can information about that be included
>in 19.6.1?

	I tracked down Lou's message (appended) and was remembering
it correctly.  So, how about some current practice guidance/hints
about that?

				Fote

=========================================================================
 Foteos Macrides            Worcester Foundation for Biomedical Research
 MACRIDES@SCI.WFBR.EDU         222 Maple Avenue, Shrewsbury, MA 01545
=========================================================================

Date: Fri, 08 Nov 1996 11:05:40 -0800
Resent-from: http-wg@cuckoo.hpl.hp.com
From: Lou Montulli <montulli@netscape.com>
Subject: Re: HTTP header suggestion/request

MegaZone wrote:
> 
> I've noticed more and more software vendors using CGI applications to allow
> users to download software.  Unfortuately at this time there isn't a way
> to tell user-agents to save the code under a name other than the script name.
> This problematic especially when there is more than one selection on a form.
> 
> I would like to suggest a new header for HTTP/1.1:
> Save-As:
> 
> A CGI application could return this header with a file name (and possibly
> path, although that has security implications - Save-As: /etc/passwd for
> instance.  Though it would fail on a well maintained system, it is still a
> risk) which would be used by the user agent instead of the script name for
> saving.
> 
> I would have a number of uses for this tag, and I've seen numerous sites
> that have the same aplication.  I think this would be a very useful addition.
> 

There is a solution that should already serve your purpose.

The Content-disposition header can contain a "filename"
parameter for naming a file.  When the Navigator sees this
parameter it will use it as a default filename for saving.

The following use should work when returned from a CGI script:

Content-disposition: file; filename=foo.exe

The Navigator only uses the filename parameter, everything
else in the header is currently ignored.

The Content-disposition header is also used in HTTP file upload
and is documented in Larry Masinter's RFC on file upload.

:lou
-- 
Lou Montulli                 http://www.netscape.com/people/montulli/
       Netscape Communications Corp.

Received on Wednesday, 6 August 1997 18:52:06 UTC