Saturday, April 14, 2007

.Net Coding Tip: Forcing Open/Save prompt using HTTPS

I ran into an issue the past couple of days regarding prompting the user with a OPEN/SAVE prompt for exporting data. It's been working for as long as I can remember, but yesterday I upgraded the site to use an SSL certificate. But in doing so the OPEN/SAVE prompt for one of my pages no longer worked and was causing an IE error.

Further research confirmed that there are some known IE bugs regarding setting the ContentType and Content-Disposition to support forcing an attachment to be streamed directly to the user via the OPEN/SAVE prompt, opposed to having to actually save the file to disk and worry about disk space, permissions, etc.

Since it took me a while to pin down getting this to work with HTTPS (SSL) I thought I'd go ahead and share the code in case anyone else ran into the same thing.

Response.ContentType = "application/csv"
Response.AppendHeader("Content-Disposition", "attachment; filename=Registrations.csv")

The Response.ClearHeaders() line was the line I had to add to solve the problem.

Apparently this is only a problem with IE browsers and I saw several posts about it and all of them had different solutions proposed, such as setting the Pragma and other header related values, but I couldn't get any of those to work. So I thought if I couldn't change the header values I would simply just clear them all out and set exactly what I needed, which was the ContentType and the Content-Disposition.

After adding that single line of code the page now works for HTTP and HTTPS and from my testing works in all major browsers (IE, Firefox, etc.).