This is nothing new. In fact, in terms of code, it's
downright old. The code's been available on the site ever
since I wrote it, but it took some creative thinking to get
it... until now.
I'm not sure how useful this will be for others, but here's the script
we've been using to get the download box to pop up for our scripts.
It seems to work for the most part. We've had problems with IE in the
past displaying things that look like HTML documents within the first
couple lines, but the ASP 101 Sample Code header we add seems to get
So as not to let people run wild with this, we have two conditionals
limiting it's use. The first looks for and aborts if it finds
any / or \ characters in the input. This keeps things in the right
directory. It can easily be removed, but it seemed like a good first
step at stopping abuse.
The other was designed as a nice little filter so that you'd only see the
important stuff when you got sample code. The script looks for two comments
indicating when to start returning the code and when to stop. On top of
keeping the code you download free of all our nav bars and ad code, it
also works as another little security check. You see... if it never
finds the start comment, it doesn't return anything. Hence, any file that you
haven't explicitly added the comment to should be safe from prying eyes.
This is also
easy to remove if you'd like, but please be careful. It's rather trivial
for someone to use code like this to be able to read almost any file on
your server... even stuff outside of your web directories!
There are a number of MS Knowledgebase articles relating to this
topic. Here are some of the ones we've found useful in fixing IE's
problems with the right way to do this. Come to think of it this
would be downright easy if it weren't for all the bugs!