I’m trying to server an exe to Firefox from an aspx page. The aspx page handles the headers and the page is launched by our Flex GUI. Flex correctly launches the link for all browsers (including Firefox) so I’m certain that’s not the issue.
The problem I’m having is when I try to download the file from within Firefox, FF downloads the file fine but it names it “Content”. It has no extension and the file name is incorrect. All the other browsers download it with the file name I specified in the aspx page and they all have the .exe extension. I should note that if I rename the “Content” file to “Content.exe” it runs correctly.
Below is the code I’m using in my aspx page –
protected void Page_Load(object sender, EventArgs e) {
string fileName = Request.QueryString["file"];
System.IO.FileInfo fileInfo = new System.IO.FileInfo(Server.MapPath(fileName));
Response.Clear();
if ( fileName.EndsWith(".exe") ) {
Response.ContentType = "application/exe";
}
else {
Response.ContentType = "application/octet-stream";
}
Response.AddHeader("Content-Disposition", "attachment; filename=" + fileInfo.Name);
Response.AddHeader("Content-Length", fileInfo.Length.ToString());
Response.WriteFile(fileInfo.FullName);
Response.Flush();
}
Any ideas and/or suggestions on why this isn’t working correctly in Firefox?
I just ran the exact code you have mentioned, without the Flex GUI part, in a simple asp.net website, and it works fine on my Firefox, I am getting file name with extension.
I am using Firefox version 3.6.16.
Here are few things you can try:
One more point, may be this is just for test purpose, as allowing to download files this way can be a security threat, as even if the url is being called from Flex GUI, people can monitor traffic using fiddler or wireshark, and then exploit it to download any file they want to. For example they can download web.config and see connection string, or they can download the code.
You should restrict user to download file from one location only and only few allowed extensions.