Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

ColdFusion Document Download - Part 2

Posted on 2010-09-10
9
Medium Priority
?
185 Views
Last Modified: 2013-12-24
Hi,
This is in reference to question : http://www.experts-exchange.com/Software/Server_Software/Web_Servers/ColdFusion/Q_26461687.html

I understand now how to do a secure document download in ColdFusion using CFHeader and CFContent (thanks).

Q:  I'm not sure of the flow:
I have a page of icons/buttons/links that represent different documents that can be downloaded by the user.  When the user clicks one of these icons, what is the flow to download the document and redisplay the page?  Do I have to leave/reload the page - or is that more of a JScript or JQuery question?

Do I just go to another page (via a link), do the download and then CFlocation back to redisplay the original page of doc links?

Thanks in advance,
hefterr
0
Comment
Question by:hefterr
  • 5
  • 4
9 Comments
 
LVL 53

Accepted Solution

by:
_agx_ earned 2000 total points
ID: 33647406
You don't have to leave the page.  Link to another page that returns the file as a download. The browser will just display a download/save as prompt. But never leave the current page.

0
 
LVL 1

Author Comment

by:hefterr
ID: 33647708
Hi aqx,
Thanks for the tip.  I'll try it it out but may not get to it until Monday.  So I haven't forgotten about it!!
0
 
LVL 53

Expert Comment

by:_agx_
ID: 33647822
No worries ;-) Enjoy the weekend.
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
LVL 1

Author Comment

by:hefterr
ID: 33647823
Hi aqx,
I gave it a quick try.  It WORKS!!!  I think I owe you 250 beers now :)

thanks (again),
hefterr
0
 
LVL 1

Author Comment

by:hefterr
ID: 33647962
Oh - no!  After all this time I just noticed it's :"agx" (not aqx) .  Actualy it seems like it  "_agx_" ?

1,000  appologies.

hefterr
0
 
LVL 53

Expert Comment

by:_agx_
ID: 33648066
lol. Virtual beers are _very_ potent, so I probably shouldn't drink them all at once.

>> 1,000  appologies.

No worries.  I knew what you meant ;-) We'll blame it on the EE font/css.  

0
 
LVL 53

Expert Comment

by:_agx_
ID: 33648090
( Yeah, I'm definitely blaming it on the EE's CSS. Looking at it now, *I* can't even tell it's _agx_ .. and it's my own nickname ! ;-)

0
 
LVL 1

Author Comment

by:hefterr
ID: 33653158
Hi _agx_ (got it right this time),
One last question on the download issue.

I assume the original link woud go to a program that should again verify the credentials of the user before starting the download.  Otherwise you are just basically trading one unsecure link link for another.  In other words, anyone could still use the original link in the HTML to access the file.  It would just invoke a second program that serves it up.  So both programs have to verify the credentials of the user.  The first to provide the link and the 2nd to actually push the file.

thanks again,
hefterr
0
 
LVL 53

Expert Comment

by:_agx_
ID: 33658795
Sorry for the delay...

That all depends on how you're validating the credentials...  I'd assume you're requiring users to login in first via some *.CFM page. If the login is successful, you set a few session variables.  So if you wanted to verify the user was logged in, you'd need to link to a *.cfm script (not *.html page).   The .cfm script would then verify credentials, and redirect the user if they were NOT logged in.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the typical problems I have experienced is when you have to move a web server from one hosting site to another. You normally prepare all on the new host, transfer the site, change DNS and cross your fingers hoping all will be ok on new server…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question