Reputation: 13189
download html attribute does not rename the file using external URL
I am trying to rename a file when downloading it from <a> tag.
Here a simple example:
<a href="https://i.sstatic.net/440u9.png" download="stackoverflow.png">Download Stackoverflow Logo</a>As you can see, it never downloads the file with stackoverflow.png name, it does with default name though.
Nevertheless, if I download the image and tried to do the same with a local route, it renames the file properly.
Another example:
<a href="./images/440u9.png" download="stackoverflow.png">Download Stackoverflow Logo</a>The example above works properly.
Why download html attribute only works using local routes?
Thanks in advance!
Upvotes: 2
Views: 4528
Answers (3)
Reputation: 4430
The attribute download works only for same origin URLs.
By the way, you really should learn to use proper terminology, or else people won't understand you:
<a href="https://i.sstatic.net/440u9.png" download="stackoverflow.png">is a tag, specifically, an opening tag;downloadis an attribute;stackoverflow.pngis the value of the attribute;https://i.sstatic.net/440u9.pngis a URL, sometimes called an URI or an address.- The entire construction
<a href="https://i.sstatic.net/440u9.png" download="stackoverflow.png">Download Stackoverflow Logo</a>is an element.
A "route" is something else entirely, and has no relationship with HTML.
Upvotes: 4
Reputation: 943108
This is a security measure applied to cross-origin download requests where the server hosting the download does not use HTTP headers to explicitly mark the file as being for download.
From the HTML specification:
If the algorithm reaches this step, then a download was begun from a different origin than the resource being downloaded, and the origin did not mark the file as suitable for downloading, and the download was not initiated by the user. This could be because a download attribute was used to trigger the download, or because the resource in question is not of a type that the user agent supports.
This could be dangerous, because, for instance, a hostile server could be trying to get a user to unknowingly download private information and then re-upload it to the hostile server, by tricking the user into thinking the data is from the hostile server.
Thus, it is in the user's interests that the user be somehow notified that the resource in question comes from quite a different source, and to prevent confusion, any suggested file name from the potentially hostile interface origin should be ignored.
Upvotes: 0
Related Questions
- How to set name of file downloaded from browser?
- HTML download attribute change file name
- How can I set the file name for a download link?
- Download attribute with a file name not working?
- html download attribute filepath issue
- File download rename not working
- <a> download rename not working
- HTML5 anchor download filename not working
- HTML Rename download link
- Changing the value of the download attribute of an anchor with javascript