tags:

views:

51

answers:

4
+1  Q: 

Can I make the download dialog box appear without "save" option?

I have a hyperlink to an executable like so: <a href="xxx.exe"> Run Now </a> I'm trying to make the download dialog box appear without the save function as it is to only run only on the user's computer.

Is there any way to manipulate the file download dialog box?

FYI: Running on Windows Server '03' - IIS. Please no suggestions for a WCF program.

+1  A: 

Not unless you have some control over a user's machine. If your application can run on limited resources, you might want to consider doing it in Silverlight.

Yuriy Faktorovich  2010-07-01 19:38:20
+1  A: 

IMO, having a website launching an executable is a pretty bad idea.... even worst if that website is open to the general public (not on intranet). I don't know what that app is doing but it sure is NOT, 1) cross browser, 2) cross platform, and 3) safe for your users.

If you are on intranet, you might get away with giving the full server path (on a shared drive) to the executable and change security settings on your in-house machines.

Other than that, you won't succeed in a open environment such as the Internet.

Yanick Rochon  2010-07-01 19:47:19
Yea I know what you mean most current browsers filter for cross platform scripting but getting to page requires log in and other security measures.I just want the user to be able to only run. The user actually downloading the file is a security issue.
Roger Reynolds  2010-07-01 19:53:13
I think you misinterpret the concept of what you ask; you cannot "run" an executable (binary, or .exe in your case) from the user's browser without it to be downloaded first. Just like images, scripts, css, and all other resources displayed on the client, everything gets downloaded... in the temporary internet files (or internet cache) When you have a <A> with a href pointing on an resource (i.g. an exe file), the browser is merely "downloading" the data [...]
Yanick Rochon  2010-07-02 02:30:49
[...] and, depending on it's content type (an "exe" is "application/octet-stream") the browser takes an action; by default, for "application/octet-stream", it's "Save". But either way, the browser needs to download it locally before running it. If what you want is to "run" the executable on the server side, then your approach is simply wrong :)
Yanick Rochon  2010-07-02 02:31:46
+1  A: 

From your comments, if the user downloading the file is the issue, then there's no way to get around it, as they have to download the file in order to be able to run it.

There's any number of ways to get around whatever you could manage in browser, from proxies like Fiddler intercepting the data, or lower level things like packet sniffing. Or even simply going into the browser's temp/cache folder and copying the file out once it's running.

You could probably get around most laymen by having a program that they can download that registers a file extension with Windows. Then the file downloaded from this site would have the URL of the actual data obfuscated somehow (crypto/encoding/ROT-13/etc). The app would then go and grab the file. The initial program could even have whatever functionality provided by what you want to download, but it needs the downloaded key.

But this is moving into the area of DRM and security by obscurity. If an attacker wants your file, and it's on the Internet, they will get the file.

Matt S  2010-07-01 20:10:36
Right. Well the site just deals with 30 or so laymen no experienced attackers (accessing the program from their temp file would be unconventional wisdom for them and I'm not worried about the likelihood). The program is also prepackaged once inside it none of the info can be extracted or exported or even saved for that matter.I just want to get rid of that gosh darn "save" option, everything else is securely packaged.
Roger Reynolds  2010-07-01 20:18:28
+2  A: 

Okay I found it for anyone stumbling upon this conundrum in the future. Add the following tag to your head section: <meta name="DownloadOptions" content="nosave" /> and the file download dialog box will not display the "save" option.

For the user to not open/run but save replace "nosave" with "noopen"

Thanks to everyone who commented!!!

-Cheers.

Roger Reynolds  2010-07-01 20:57:00

related questions

Is it better to create Model classes, or just stick with generic database utility class?
What are effective options for embedding video in an ASP.NET web site?
Visual Studio 2008 debugger already attached work-around
Tracking state using ASP.NET AJAX / ICallbackEventHandler
ASP.NET Display SVN Revision Number
ASP.NET URL Rewriting
How can I change the background of a masterpage from the code behind of a content page?
Easy way to AJAX WebControls
How do I define custom web.config sections with potential child elements and attributes for the properties?
ASP.NET MVC "CRUD" Database Sample
Are Multiple DataContext classes ever appropriate?
How to RedirectToAction in ASP.NET MVC without losing request data
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP.NET built in user profile, Vs old stile user class/tables
What's a good book for learning ASP?
Bandwith throttling in IIS 6 by IP Address
ASP .Net Custom Client-Side Validation
How to get the value of built, encoded ViewState?
Decent, simple, GIS/mapping component for ASP.NET?
Checklist for IIS 6/ASP.NET Windows Authentication?
How to write to Web.Config in Medium Trust ?
ASP.NET, Visual Studio and Subversion - how to integrate?
Floating Point Number parsing: Is there a Catch All algorithm?
How do I sync the SVN revision number with my ASP.NET web site?
ASP.NET Site Maps