It can be useful to allow web users to download files from your site.
For many file types accomplishing this is trivial... just upload the file and link to it.
This works great for things like zip files, setup programs,
and many other file types that are simply downloaded by browsers by default.
That's not the case if you link to an ASP or ASPX page... it executes like you'd expect.
Text files don't download well either... the browser usually decides it should just display
the text. So how do you easily allow users to download these files?
Well you could simply change the file name to something that browsers wouldn't recognize,
but then you'd have to explain to your users how to rename it back. You could zip the file
in question, but then users would have to unzip it. This sample shows you another approach that
may be a little more work for you, but it allows you a greater amount of control, allows you
to optionally modify files in the process, and makes it really easy on your users.
In this sample, we use HTTP headers to specify a file name and get the browser to save a file.
Security Note:
Please note there are some potential security concerns with the script. It currently lets you
download any file in its folder. This is something that most sites do everything they can to avoid!
This includes web.config and Access database (*.mdb) files.
This isn't a problem for us because we let you see everything in our sample area anyway, but
please be careful and either add some file name contraints or make sure you know what you're
really allowing users to see before uploading this script to your own site.
Note: Clicking on the "Play with the running version." link below should simply cause a
file download prompt to appear because... well that's what this sample does!
