•Re: App-level security and downloadable files

In a column of mine from a few years ago, I talk about a portable way to generate distinct download filenames by using an ignored PATH_INFO section of the CGI's URL. That should solve your problem.

-- Randal L. Schwartz, Perl hacker
Be sure to read my standard disclaimer if this is a reply.

Comment on •Re: App-level security and downloadable files

Replies are listed 'Best First'.
[Re:^2] App-level security and downloadable files by geektron (Curate) on Mar 23, 2004 at 19:28 UTC
i think i see how the base idea is adaptable. essentially tack on another param to the link ... but that doesn't fix the issue of the difference between clicking the link and trying to save the link target, and that's where i'm focused. AFAIK, the server (and the script) don't know the difference between script invocation for display and script invocation for saving. I still want the end-user to be able to just view the files, not force them to save it (as a tar file or whatever) when they click (not right-click) the link.	[reply]
•Re: [Re:^2] App-level security and downloadable files by merlyn (Sage) on Mar 23, 2004 at 19:49 UTC
I think this still applies. You have `foo.html/what_I_want_to_be_saved_as.pdf`, and `bar.html/what_else_I_should_be_called.pdf`. If they click on it, they see it. If they click to save it, it's saved under the unique name. -- Randal L. Schwartz, Perl hacker Be sure to read my standard disclaimer if this is a reply.	[reply]