Uses of content-disposition in an HTTP response header

Question

I have found the following asp net code to be very useful when serving files from a database   Response AppendHeader  content-disposition    attachment  filename     fileName     This lets the user save the file to their computer and then decide how to use it  instead of the browser trying to use the file   What other things can be done with the content-disposition response header

User · Answer

Well  it seems that the Content-Disposition header was originally created for e-mail  not the web    Link to relevant RFC    I m guessing that web browsers may respond to  Response AppendHeader  content-disposition    inline  filename     fileName     when saving  but I m not sure

User · Answer

This header is defined in RFC 2183  so that would be the best place to start reading   Permitted values are those registered with the Internet Assigned Numbers Authority  IANA   their registry of values should be seen as the definitive source

User · Answer

Refer to RFC 6266  Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol  HTTP   http   tools ietf org html rfc6266

User · Answer

For asp net users  the  NET framework provides a class to create a content disposition header  System Net Mime ContentDisposition  Basic usage   var cd   new System Net Mime ContentDisposition    cd FileName    myFile txt   cd ModificationDate   DateTime UtcNow  cd Size   100  Response AppendHeader  content-disposition   cd ToString

User · Answer

Note that RFC 6266 supersedes the RFCs referenced below  Section 7 outlines some of the related security concerns   The authority on the content-disposition header is RFC 1806 and RFC 2183  People have also devised content-disposition hacking  It is important to note that the content-disposition header is not part of the HTTP 1 1 standard   The HTTP 1 1 Standard  RFC 2616  also mentions the possible security side effects of content disposition      15 5 Content-Disposition Issues      RFC 1806  35   from which the often   implemented Content-Disposition    see section 19 5 1  header in HTTP is   derived  has a number of very   serious security considerations    Content-Disposition is not part of   the HTTP standard  but since it is   widely implemented  we are   documenting its use and risks for   implementors  See RFC 2183  49     which updates RFC 1806  for details

[http] Uses of content-disposition in an HTTP response header

Examples related to http

Examples related to http-headers

Examples related to httpwebresponse

Examples related to httpresponse

Examples related to content-disposition