Content-Disposition:attachment; wont download file

It's not mentioned in the changelog either. As Jotschi mentioned on Gitter, it would probably make sense to align the behaviour to common web servers. Looking at the Google results for e. Apache, the only things that pop up are how to make it add the header. Also, in the current version of the main source, the only mentions of the header are for form data. Similar results for nginx and IIS. With this, not sending it might be a sensible default behaviour, but it really depends on which use-case caused it to be added in the first place.

Since, for the binary download request, there are already some query parameters, and controlling responses via query parameters seems to match the general spirit of the REST API, adding the query parameter switch seems like the best option to me, given what I know about the context, and also respecting that some people might already be depending on the existing behaviour. Upload functionality can be a gold mine for pentesters, so I immediately got testing it.

In fact, trying to upload anything except images gave the same response. Even when the client gave me access to the source code, I validated it and the code appeared sound - only allowing uploads of a white-list of allowed types.

If a file was uploaded, it was downloaded by the browser in a response that included the content-disposition header:. Is followed by a string containing the original name of the file transmitted. The filename is always optional and must not be used blindly by the application: path information should be stripped, and conversion to the server file system rules should be done.

This parameter provides mostly indicative information. When used in combination with Content-Disposition: attachment , it is used as the default filename for an eventual "Save As" dialog presented to the user. Values reqParams. PresignedGetObject "testbucket" , "my-objectname" , time. Second , reqParams if err! In the same section we have the sentence: URI producing applications should percent-encode data octets that correspond to characters in the reserved set unless these characters are specifically allowed by the URI scheme to represent data in that component.

On the other side, in the same RFC we can find the definition of what is a query In our case ; appeared in query param Appendix A. I would suggest encoding this properly on the client-side. And look at the comment in the client that You have pointed as a reference: Please be informed that for now should Escape does not check all reserved characters correctly. The requirement here is niche please fix the client code and escape it yourself.

Closing this issue as won't fix. StefanS-O mentioned this issue Apr 24, Sign up for free to join this conversation on GitHub. The site's documentation should be able to tell you that. Furthermore, please remove the following two lines: post. You shouldn't send them to the server in your request though. The file MyContacts. I did like you said and commented out the headers, also the tokens I am talking about they work fine, I have printed and tested them By sending different request to the same website to get different data.

Still no good with download the file. By the Way I added these but now I get lots of errors.