Solved

Internet Explorer immediately closes popup window that downloads file with content-disposition set as attachment.

Posted on 2009-05-18
6
932 Views
Last Modified: 2013-12-17
Hello,

I currently have my web application setup to be able to serve files to the client.  When the appropriate button is clicked to download a particular file, it sets a session variable and opens a pop-up window.  This pop-up window is a .aspx file.  The .aspx file grabs the file location based on the session variable, and then takes that file and serves it to the client with the provided code.  The problem I believe is because of this line:

Response.AddHeader("Content-Disposition", "attachment; filename=" + fi.Name);

I believe IE is forcing the pop up closed because of security reasons, claiming that the file type is something other than .aspx which is what the page loading in the window is.  If I comment out that line, the download works, except it doesn't give me the file I want, instead it has me download the .aspx file.

How can I get past this and have it so the window doesn't get forcibly closed so the download dialog box appears?

Also, this methodology works absolutely fine on a local intranet, which is also why it makes me believe it's a security reason that IE closes the window.  Changing IE Security settings to resolve this issue is not an option.

Thank you for your assistance.

if (File.Exists(filePath))
            {
                FileInfo fi = new FileInfo(filePath);
 
                if (fi.Extension.ToLower() == ".msg")
                {
                    Response.ContentType = "application/outlook";
                }
                else if (fi.Extension.ToLower() == ".doc")
                {
                    Response.ContentType = "application/msword";
                }
                else if (fi.Extension.ToLower() == ".htm" || fi.Extension.ToLower() == ".html")
                {
                    Response.ContentType = "text/html";
                }
                else
                {
                    Response.ContentType = "application/octet-stream";
                }
 
                Response.AddHeader("Content-Disposition", "attachment; filename=" + fi.Name);
                Response.AddHeader("Content-Length", fi.Length.ToString());
                Response.TransmitFile(filePath);
            }

Open in new window

0
Comment
Question by:Gewgala
  • 5
6 Comments
 
LVL 7

Expert Comment

by:dacIT
ID: 24415791
You can use a file handler instead of ASPX. I don't know if this will help your security issue, but it's a much lighter web file since there's no GUI HTML sent to the user's browser. If you're just serving up a file, make an ashx page with all the file handling in it and write the file to the output response of the ashx. You can still use querystring and session variables with this type of file. Security features might respond better since they understand that this is a file handler, not a web page.
0
 
LVL 7

Author Comment

by:Gewgala
ID: 24416116
Thank you, I will give that a shot right now.
0
 
LVL 7

Author Comment

by:Gewgala
ID: 24416291
It does not appear that I am able to access session variables from within the .ashx file.  Session variables that I have set in regular .aspx pages come back as null from within the .ashx.
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 7

Author Comment

by:Gewgala
ID: 24416372
Ok I figured that part out, I have to implement System.Web.SessionState.IReadOnlySessionState (since I do not need to write to session variables from this file).  Without that all session variables come back as null in a .ashx file.  I will begin testing on a live site now to see if this solves my problem.
0
 
LVL 7

Author Comment

by:Gewgala
ID: 24424597
This does not appear to work.  IE still refuses to download the file.  It downloads fine in Chrome, but IE is a relentless annoying POJ.  This can't possibly be rocket science, file downloads happen on just about every single website, what am I doing wrong?
0
 
LVL 7

Accepted Solution

by:
Gewgala earned 0 total points
ID: 24477898
I figured out a solution for this, instead of forcing the file to download I just point the URL to the html file and allow the user to do a File > Save, specifically for those files that are problemmatic for me and had to be opened up in a popup to begin with.  This question can be closed.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Real-time is more about the business, not the technology. In day-to-day life, to make real-time decisions like buying or investing, business needs the latest information(e.g. Gold Rate/Stock Rate). Unlike traditional days, you need not wait for a fe…
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question