Snaps_Provolone has asked for the wisdom of the Perl Monks concerning the following question:

I am trying to create a script that will send a binary file to a client's web browser when they click a link that points to the script. The link would contain the information about the file to send. This is done so that I can have the script check the referrer to insure that the download request was referred from my domain. I am unable to figure out how to make the script send the file to the client. I am sure there is a very well documented way to do this, but I am having a hard time finding it, can anyone point me in the right direction?

Replies are listed 'Best First'.
Re: Processing HTTP file transfers
by ehdonhon (Curate) on Apr 22, 2002 at 21:48 UTC

    See This Node for information about doing what you are trying to do.

    But, be warned that the referrer information is information that comes from the client, so it is not secure at all and should not be trusted with anything important.

[reply]
      Perfect solution. Thanks for the pointer.
[reply]
Re: Processing HTTP file transfers
by Zaxo (Archbishop) on Apr 22, 2002 at 21:57 UTC

    The recent Q&A How do i force the user to download my content? addresses your issue.

    Note that referrer is easily spoofed. If content protection matters that much, you may want to look at session id's and encrypted connections.

    After Compline,
    Zaxo

[reply]
Re: Processing HTTP file transfers
by gryphon (Abbot) on Apr 22, 2002 at 21:59 UTC

    Greetings Snaps_Provolone,

    I read somewhere, I think maybe in the GD::Graph or Spreadsheet::WriteExcel documentation, that it can be done by controlling the CGI header. The examples given in this documentation are similar to:

    print "Content-type: application/vnd.ms-excel\n";
print "Content-Disposition: attachment; filename=yourfile.xls\n";
print "\n";

    [download]

    Of course, if you're doing anything with CGI, you should definately use the CGI.pm module. In this case, you might try:

    #!/usr/bin/perl -w
use strict;
use CGI;

my $query = new CGI;
print $query->header(
  -type => 'application/vnd.ms-excel',
  -content_disposition => 'attachment; filename=yourfile.xls'
);

binmode STDOUT;

    [download]

    Oh, and that reminds me: that last line is important. Switch to binmode before you print your binary data to the browser.

    BTW, what sort of binary data are you trying to send to the user's browser?

    -gryphon
    code('Perl') || die;

    UPDATE: After re-reading your post, I realize now that I'm not exactly answering your question. Sorry. However, let me point out that if you have your script load and print the binary file to the browser rather than redirecting the user, you can more easily control the user experience. A redirect will show the user where you are housing the file(s) s/he wants. I don't know if this is a concern or not, but anyway...

[reply]
[d/l]
[select]
      To make my posting a bit clearer, yes I do want to hide the files true source from the client. The files are ZIP files. Basically it's trying to keep people from linking directly my files. I don't think that I need the extra security of session ID's, just a simple referrer check would probably suffice to keep my files from being linked all over the web. If you want to see what I am doing currently - peek at http://www.clan-originalsin.com/files/cgi-bin/files/os-files.pl?ViewStart=0&ViewCat=4&B1=View
[reply]
Re: Processing HTTP file transfers
by Mandor (Pilgrim) on Apr 22, 2002 at 21:47 UTC
    I am not 100% sure if this is what you want. But you could try to use the redirect method of the all-famous CGI module.
[reply]

Back to Seekers of Perl Wisdom