Re: http 1.1 RFC from Koen Holtman on 1998-06-23 (ietf-http-wg@w3.org from April to June 1998)

From: Koen Holtman <koen@win.tue.nl>
Date: Tue, 23 Jun 1998 13:22:42 +0200 (MET DST)
To: peter_lenahan@ibi.com
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <199806231122.NAA02541@wsooti08.win.tue.nl>

peter_lenahan@ibi.com:
>
>
>     To: Tim Berners-Lee (http-wg@cuckoo.hpl.hp.com)
>     From: Peter Lenahan (pjl@ibi.com)
>     
>     May I ask for a feature in the next version HTTP 1.1
>     
>     I have read the HTTP 1.1 spec and searched for this and couldn't find 
>     a solution.
[...]     
>     The Content-Name would formally name the data, this would give the 
>     browser a name to save a file under when the user is prompted in the 
>     browser's save dialog box.

Hi Peter,

The upcoming update of the HTTP 1.1 specification RFC includes a
description of the feature you want.  This is not officially part of
the standard but it is widely adopted in current browsers.

I have included the draft text (from
draft-ietf-http-v11-spec-rev-03.txt) below.

Koen.


--snip--

  19.5.1 Content-Disposition

  The Content-Disposition response-header field has been proposed as a
  means for the origin server to suggest a default filename if the user
  requests that the content is saved to a file. This usage is derived
  from the definition of Content-Disposition in RFC 1806 [35].

          content-disposition = "Content-Disposition" ":"
                                disposition-type *( ";"
                                    disposition-parm )
          disposition-type = "attachment" | disp-extension-token
          disposition-parm = filename-parm | disp-extension-parm
          filename-parm = "filename" "=" quoted-string
          disp-extension-token = token
          disp-extension-parm = token "=" ( token | quoted-string )

  An example is

          Content-Disposition: attachment; filename="fname.ext"
  
  The receiving user agent should not respect any directory path
  information that may seem to be present in the filename-parm
  parameter, which is the only parameter believed to apply to HTTP
  implementations at this time. The filename should be treated as a
  terminal component only.
       
  [If this header is used in a response with the
  application/octet-stream content-type,(*)] the implied suggestion is
  that the user agent should not display the response, but directly
  enter a `save response as...' dialog.

  See section 15.5 for Content-Disposition security issues.

 (*) This half-sentence seems to have been dropped from the 03
 revision, it was still in the 01 revision.  Editing error?  I'll raise
 this as an issue.

Received on Tuesday, 23 June 1998 06:02:10 UTC