News Archive
PhpRiot Newsletter
Your Email Address:

More information

Phil Sturgeon's Blog: Hijacking Headers to Force Downloads

Note: This article was originally published at PHPDeveloper on 30 March 2012.

Phil Sturgeon shows how you can hijack headers in his latest post to force a download to the client (even on a hosted service like PagodaBox).

The question [I posed on Twitter] was: "How to force a download of any file of any type, not on your server, without Apache tweaking? Images are displaying and need em to download." Essentially, I wanted to be able to link to a file that was not on the server in question and anywhere in the world, which could be of any size, any media type and could be potentially very high traffic.

Answers varied from using readfile to just letting the browser handle it. None of the responses were quick right until he came across one that recommended some settings in an .htaccess file. It uses mod_rewrite (Apache) to redirect the user to a new resource while adding a "Content-Disposition" header in the process (of "attachment").