I noticed that downloading a file attachment with download method set to PRIVATE (and URL rewrite OFF) all files get downloaded without the file-name, resulting in an index.php@somethingstrange.pdf (for example)
If the method is set to PUBLIC, or URL Rewrite is ON, that problem don't appear since browser gets the file "directly" ..
My patch adds an HTTP-Header Conten-Disposition (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 and http://www.ietf.org/rfc/rfc2183.txt) that sets the filename while downloading an attached file, resulting in a clean HTTP-Response about that file.
Regards
Comment | File | Size | Author |
---|---|---|---|
#16 | upload.module.d5.content-disposition.patch | 649 bytes | Freso |
#16 | upload.module.d7.content-disposition.patch | 613 bytes | Freso |
#15 | upload.module.d6.content-disposition.patch | 625 bytes | Freso |
#13 | upload.module.d6.content-disposition.patch | 637 bytes | Freso |
#12 | upload.module_content-disposition.patch | 568 bytes | thePanz |
Comments
Comment #1
thePanz CreditAttribution: thePanz commentedPatch for DRUPAL--6 HEAD
Comment #2
drewish CreditAttribution: drewish commentedi don't think you're correctly quoting the filename in all cases. non-ascii characters will need to be escaped.
Comment #3
thePanz CreditAttribution: thePanz commentedI added mime_header_encode() to manage non-ASCII caracters.. hope this fixes it.
Comment #4
Freso CreditAttribution: Freso commentedI can't reproduce this – the files come home cleanly here, with both private download and non-ASCII character (æøå). I'm getting a bunch of
though, but I don't think that's related... (I also found out that if I upload "æøå.txt", it will get renamed to "txt." – but again, this is hardly related.)
Comment #5
Freso CreditAttribution: Freso commentedI didn't notice the URL rewrite=off. Oops. :$
Anyway, patch doesn't apply:
And I don't have time to re-roll just right now.
Comment #6
thePanz CreditAttribution: thePanz commentedHi Freso, thanks for interesting in my patch..
I edit Drupal-HEAD branch and created the patch.. I added only one line to upload.module..
from the log you pasted I noticed you used Drupal5 patch (the first I post) against D6 install.. try to use latest patch from http://drupal.org/node/180778#comment-318639 against D6!
Regards!
Comment #7
Freso CreditAttribution: Freso commentedRight, sorry I missed that. Oops. :x
Anyway, the D6 patch doesn't apply either:
Please re-roll.
Comment #8
thePanz CreditAttribution: thePanz commentedPatch against:
upload.module,v 1.184 2007/10/10 10:24:25
If you got errors, try to get latest -dev D6 code of upload.module or to edit it by hand... it's 1line patch..
Regards
Comment #9
birdmanx35 CreditAttribution: birdmanx35 commentedFeature requests -> 7.x-dev
Comment #10
Freso CreditAttribution: Freso commentedFeature? I'd say usability. Receiving a file as "index.php?..." is not what a user expects, and that is what this issue is out to fix. It's also a very minor patch which does not alter, add, or remove any string or part of the API.
I'd also say that this is good for (being ported to) Drupal 5 once it's gone into D6.
Comment #11
moshe weitzman CreditAttribution: moshe weitzman commentedComment #12
thePanz CreditAttribution: thePanz commentedThis patch is for Drupal6, retrieved as drupal--6-0
Regards
-ThePanz-
Comment #13
Freso CreditAttribution: Freso commentedUploaded re-rolled patch. Will test in a bit.
Comment #14
Freso CreditAttribution: Freso commentedWorks perfectly for me. Here are the steps to test:
Comment #15
Freso CreditAttribution: Freso commentedOne thing I just noticed about this patch: All uploaded files will now be downloaded, instead of possibly shown in the browser like now. (Eg., my Firefox shows XML and PNG files, while PDF and ODT files are downloaded. This would also mean that patches etc. would have to be shown outside the browser, which I would find to somewhat of an inconvenience when quickly browsing e.g. this issue queue.)
Removing the "attachment;" seems to do the trick. Same test procedure as before.
Comment #16
Freso CreditAttribution: Freso commentedAnd here are some ports of the previously attached patch: One for Drupal 5 and one for Drupal 7.
Note that these haven't been tested - I'm simply assuming that since the patch is as simple as this, and it works on Drupal 6, then it'll also work there. But it would probably be proper to have them tested. Test procedure should be more or less the same as before.
Comment #17
Susurrus CreditAttribution: Susurrus commentedContent that should be shown in the bowser should use
inline;
, while files that should be downloaded should useattachment;
. I would think we shouldn't specify this like said in #15.Comment #18
Freso CreditAttribution: Freso commentedPerhaps this would gain some ground and actually have a chance of being committed if it is applied to the latest dev instead of stable? I haven't tested it on 7.x though.
Comment #19
drewish CreditAttribution: drewish commentedfreso, the standard workflow is to get a change committed to HEAD (at this point 7.x) and then backport it if it's a bug fix.
section 2 of RFC1283 provides the grammar for Content-Disposition as:
extension-token is defined by RFC2045 as:
So, in my opinion, to follow the standard, we can't just provide a filename. We need to specify either 'inline', 'attachment', or 'x-something'.
Comment #20
thePanz CreditAttribution: thePanz commentedHi Freso, thank you for your work with my little issue :)
In #15 i think it'a a Firefox "bug", I read about it in some Ubuntu forums.. simply Firefox has some troubles when saving default application for opening some downloaded files.. I get the same problem, but I noticed that Firefox, when Uploading a file, sets the wrong MIME-Type for it, so Drupal saves that info in DB and you got this error, try to browse your {files} database table and take a look to MIME-Type value.
Regards
Comment #21
Freso CreditAttribution: Freso commentedCouldn't we call the token simply
x-drupal
, or, for kicks, usex-attachment
? My guess is that either of those would trigger the same course of action as having no disposition type defined. I'll try and get around to it (making a patch and testing it) sometime this week. We'll see. (If someone feels like beating me to it, I won't hold any grudges, and I promise to test the patch - against any of the three versions patches are provided for! :))Comment #22
thePanz CreditAttribution: thePanz commentedI think we must follow RFC standard and use "attachment" as disposition. I think that the wrong mime-type is due to a wrong value in Drupal {files} table, try to check it Freso! :) Maybe give a read to my other issue here: http://drupal.org/node/174419
Regards!
Comment #23
Freso CreditAttribution: Freso commented@thePanz: The RFC states that you can use "inline", "attachment", or an extension-token. The extension-token can be one defined by the IETF, a local one (x-foo), or a generic token (which I don't really get, but something like 1*foo I think). Using an "x" token would thus not be non-standard and would (probably) work around buggy browsers like Firefox, no matter the sent MIME type.
Comment #24
Stol CreditAttribution: Stol commentedThanks for the patch! Now my private downloads are working again!
This issue is fixed in the CCK filefield module! So for everyone who doesn't want to patch use the filefield of CCK instead of the core upload module!
Comment #25
drewish CreditAttribution: drewish commentedmarked #258723: Filenames (Content Disposition Header) for Private Downloads as a duplicate
Comment #26
bander2 CreditAttribution: bander2 commentedThanks a lot every one! I was having this problem and instituted a workaround with webfm, but this is much better.
Comment #27
jvieille CreditAttribution: jvieille commentedWhy is the patch (#15) not yet committed one year after it is solved?
I am tired modifying core files each time a new D6 is released.
D7 is not there yet, D5 and D6 shall still be maintained - I just speak for D6, but I suppose D5 hasn't be ported too.
Comment #28
Freso CreditAttribution: Freso commentedIt can't be committed to 6.x, if it isn't committed to HEAD first. And the issue from drewish's comment #19 hasn't been dealt with yet, which is why it still "needs work".
Comment #29
jvieille CreditAttribution: jvieille commentedOK, I'll forget Upload.
I already switched most of me sites to File Framework, I'll proceed with the rest.
Interesting that dealing with files seems not of high priority in Drupal...
Comment #30
drewish CreditAttribution: drewish commentedupload module is no more as of 7.x. file.module is the new happening spot.
jvielle, there's been a lot of hard work on files in 7.x sorry we're all not jumping up and down to solve the single issue that bothers you.
Comment #31
Damien Tournoud CreditAttribution: Damien Tournoud commentedOnly feature requests and tasks can be assigned to D8 for now, because the Drupal 8 tree is not opened yet.
Comment #32
3dloco CreditAttribution: 3dloco commented+1