Javascript Tricks, Samples, Tutorials & Howtos

New versions notifications available via

Follow jtricksdotcom on Twitter
/ / Content-Disposition header - forcing SaveAs in browsers
Last updated: 12 Feb 2013

Content-Disposition header - forcing SaveAs in browsers

There are situations (to save a documentation in pdf format or a financial document) where you might want a hyperlink leading to a file to present a SaveAs dialog in browser. Ways to do that exist. However, flaky browser support makes its usage a walk in the mine field.

Forcing SaveAs using javascript in Internet Explorer

By means of javascript you can provide a dialog to save the page that is currently displayed (if the user is looking through Internet Explorer at your page that is).

For example:  Save this page

This is done through the following code:

<a href="javascript:void(0);"
 >Save this page</a>

However, usually you want to save another file, the file a hyperlink leads to. To do that javascript is not enough (at least there is no such standard way) and something must be done on the server.

Forcing SaveAs using the HTTP header

In order to force the browser to show SaveAs dialog when clicking a hyperlink you have to include the following header in HTTP response of the file to be downloaded:

Content-Disposition: attachment; filename="<file name.ext>"

Where <file name.ext> is the filename you want to appear in SaveAs dialog (like finances.xls or mortgage.pdf) - without < and > symbols.

You have to keep the following in mind:

  • The filename should be in US-ASCII charset and shouldn't contain special characters: < > \ " / : | ? * space.
  • The filename should not have any directory path information specified.
  • The filename should be enclosed in double quotes but most browsers will support file names without double quotes.
Ancient browsers also required the following (not needed nowadays, but for a fool proof solution might be worth doing):

  • Content-Type header should be before Content-Disposition.
  • Content-Type header should refer to an unknown MIME type (at least until the older browsers go away).

Detailed usage howto

...use Apache 2 configuration to add Content-disposition header

Content-disposition support in Internet Explorer

It seems that Internet Explorer has the worst track record of the Content-Disposition header support. The feature had many security vulnerabilities and as a result Microsoft changed the code many times sometimes breaking it altogether.

Practice has shown that download code uses a different HTTP header parser. And if that parser is unsuccessfull at handling all header lines, IE will fail to download file at all.

Version specifics:

Internet Explorer 9.0 Depending upon WinInet.dll version might fail to download file with filename containing the following special characters: < > \ " / : | ? * space.

Microsoft Knowledgebase articles: 949197
Internet Explorer 8.0 No known problems.
Internet Explorer 7.0 Mostly ok.

There are problems handling double-byte character set characters (such as Japanese)
Depending upon WinInet.dll version might fail to download file with filename containing the following special characters: < > \ " / : | ? * space.

Microsoft Knowledgebase articles: 933133 949197
Internet Explorer 6.0 Mostly ok.

As with Internet Explorer 5.01 there are problems in 6.0 Service pack 1 with handling Content-Disposition headers more than 150 bytes long.

Microsoft Knowledgebase articles: 816868
Internet Explorer 5.5 5.5 will try to show the file in browser window instead of downloading.

This problem was fixed in 5.5 Service Pack 1, but another one was introduced instead - it may save the referring document instead of the downloaded file.

This problem was fixed in 5.5 service pack 2.

Microsoft Knowledgebase articles: 267991 279667 281119
Internet Explorer 5.0 If the filename extension is not known, it will add it to the filename twice when saving the file.

For example, "newName.zzz" would be saved as "newName.zzz..zzz".

The bug was currected in 5.01.

Another problem was inability to handle Content-Disposition headers more than 150 bytes long. It was fixed in 5.01 Service pack 3.

Microsoft Knowledgebase articles: 262042 816868
Internet Explorer 4.01 Doesn't work.

Miscrosoft started supporting Content-Disposition:attachment header with Internet Explorer 5.0.

It might read the filename information from the header though if it was going to present the SaveAs dialog due to unrecognized file MIME type (if MIME sniffing fails).

Microsoft Knowledgebase articles: 182315

Content-disposition support in Mozilla/Firefox

Version specifics:

Firefox 1.5+ Will handle the header.
Firefox 1.0.x Even though there were several security vulnerabilities, Firefox seems to have adequate support for the Content-Disposition header.
Netscape 4.x Will not handle Content-Disposition. However, it will present Save As dialog if the it doesn't recognize Content-Type. Therefore setting Content-Type to nonexistent type will help.

Content-disposition support in Opera

Opera supports the Content-Disposition header since at least version 6. Opera also have had security problems related to the header, but as in the case with Firefox it works.

Content-disposition support in Chrome

Generally works; Older versions had issues with filenames having special characters like space or comma.

Try downloading files with Content-disposition

Try the header support in your browser, click here: