Force Download

  • Resolved mrmatthewsg

    (@mrmatthewsg)


    3 years ago

    In the last week or so I’ve noticed that all of my links to download PDFs are no longer forcing download but instead going directly to the online PDF link. I know it happened in the last few weeks because I just recently added a new PDF back on March 9th and all was working exactly as expected where it forces the download when clicking on the link. I have not changed anything else on my website or in the site files and I made sure that I’m up-to-date with updates for wordpress and the plugin. I’m not sure what has changed or how to fix it as I do not want the direct link to the PDF to be accessible. Thanks for any help in this.

Viewing 14 replies - 1 through 14 (of 14 total)

  • Hey @mrmatthewsg ,

    Could you give us a link to a page where we can find a downloadable file?

    Kind Regards!
    Razvan

    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    Sure you can find several on this page:
    https://reflectionpress.com/free-stuff/we-the-people-self-publishing-resources/

    but it is happening across several of my websites.

    Hello,

    Did you make any modifications from the time you sent the link until now? Tried with the following browsers : Edge, Firefox, Chrome. All worked, downloaded all files present in the page you sent. Could you please try on your OS with a different browser or eventually a different machine?

    Kind Regards!
    Razvan

    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    I’m not having an issue downloading the files. I was having an issue where it should pop-up asking whether I want to save the file and instead it opens the PDF directly in the browser making the link visible to be shared on its own. But I haven’t changed anything and “Redirect to File” is NOT checked on any of my downloads. Prior to a week or so ago the direct link to the PDFs was not accessible or visible but now clicking on them the link and PDF are accessible directly from the browser instead of forcing it to download. Are you saying that you are being prompted to pick a location for the file before it downloads or are you being redirected right to the PDF in the browser?

    I am saying that it downloads directly, without asking where to download. It doesn’t redirect me to the PDF, it forces the download automatically. Maybe you changed something in your browser settings ( intentionally or by mistake – I myself set the always download setting on Firefox for example and will not be asked if I want to download or open the file ) and put a default to not download the PDF but open it directly, that is why I was asking to check on another machine.

    Could you please give the link of the PDF when you try to download it: so after you click the download button you say that it opens the PDF in the browser – could you give that link to me?

    Kind Regards!
    Razvan

    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    Thanks for the clarification.
    Here’s an example of one of the PDFs.
    https://www.reflectionpress.com/download/141784/
    The link right to the PDF now appears to be visible and available to share as is, whereas before it would say someone didn’t have permission to access the file if they entered this link directly into the browser.
    They could only access it if they clicked directly on our download button on our websites.

    Hey.

    If I hover the specified PDF download button I can see the link that Download Monitor puts ( SS here: https://imgur.com/a/nr5Dlsp ), so no direct link to the PDF. Could you please send a screenshot on how it is displayed from your point of view and how you can view the PDF directly?

    If the PDF is found in the wp-content/uploads/dlm_uploads folder it should be protected and visitors should not be able to see it there. But, there are some scenarios that visitors can enter the said folder:
    – the .htaccess file that should be in the dlm_uploads folder is no more or is empty
    – you changed from Apache to NGINX and the .htaccess file does not work anymore because the .htaccess file does not work anymore, NGINX needs other type of configuration to be able to restrict access in that folder

    Could you please verify the above senarios?

    Kind Regards!
    Razvan

    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    Yes, so that link that you can see when hovering over it appears to now be accessible when I enter it into my browser, here’s a screenshot: https://www.dropbox.com/s/ih4v3428ek9m6sv/Screenshot2022-03-24-pdf-link.png?dl=0
    And this is happening across several of my websites, whereas before you could not open it in your browser or share that specific link.
    For this particular website, yes the downloads are in the dlm_uploads folder and the .htaccess is still there and it says “deny from all”
    I’m not exactly sure about Apache vs NGINX, I believe that the hosting company I use may have switched over to NGINX based on looking things up quickly but I am not sure, is there a way to confirm that?
    Essentially I don’t want that download link to be accessible if you enter it directly in the browser because I don’t want the direct links to the PDFs shared outside of our website. Does that make sense?

    Hello,

    Actually the URL you showed in the screenshot is the URL of the download, set by the plugin, and not the URL of the PDF file, so if the redirect to the file would have happened the URL should have looked something like this : https://reflectionpress.com/wp-content/uploads/dlm_uploads/2022/03/3Rs-by-Maya-Gonzalez-PDF.pdf.
    The download link ( not the file URL ) can be shared and could previously be shared (
    go to download button and copy link ).

    To see what type of webserver if you go to Tools > Site Health > Info tab > Server.

    Did you add any extensions to your Firefox browser recently? Could you please try on a different browser and on a different machine? Tested myself and 4 of my colleagues on your website but they don’t have the problem you are experiencing.

    Kind Regards!
    Razvan

    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    Thanks, I did understand the difference between the 2 links but I don’t think I was communicating that very well through typing. It just seemed like before neither one would be accessible in the browser. If I were to type the download link into the browser it would force download it.

    I see that it appears like it is a browser issue of some kind and not an issue with a website or plugin setting. I don’t know what changed since I personally didn’t change anything in my browser but at least I understand that now. Thank you for your time and help with this.

    So if the download link (not the file url) is shared directly outside of my website, it still counts in the number of downloads, correct?
    And if I wanted more control around who could access it, would then limiting a download to logged in users be the best way? or would settings in the Pro version of your plugin offer additional control?
    Again, I appreciate you taking the time to review and clarify the issue.

    Hello @mrmatthewsg ,

    Sorry for the late reply.

    Yes, it still counts the number of downloads and limiting the downloads to logged in members would help. The PRO version also has some locking extensions or access management that could furthermore increase the control you have on whom has access to your downloads, how they can access them, how many times/day for example and so on ( you can see more yourself here https://www.download-monitor.com/ ).

    Hope this clears things up even further.

    Kind Regards!
    Razvan

    Hey @mrmatthewsg ,

    I come with an update to your problem. We’ve found what is causing this, why from my side and some of my colleagues was not a problem, and we’ll try to find a solution.

    1.The problem. So, it’s not exactly a problem, more like a situation with Firefox. The browser has some actions to do on some triggers, in our case is the PDF download trigger. The browser’s default PDF viewer kicks in depending on the default action chosen by the user

    2.Why only some users. If you go to Firefox settings > General > search for Portable Document Format you’ll most probably have Open in Firefox. If you have that set to Save file or Always ask it will trigger another behavior when triggering the download process. This should be a problem with PDF’s only.

    3.Finding a solution. We’re currently in the process of finding a solution to bypass the user’s chosen action for the browser and directly download the file. It will probably be released in the next update.

    Hope this helps!
    Kind Regards,
    Razvan

    • This reply was modified 2 years, 12 months ago by Razvan Aldea.
    Thread Starter mrmatthewsg

    (@mrmatthewsg)

    I just saw this. Thanks for the update.
    I had started to assume that it was a Firefox issue but thought perhaps there was no way to get around it. I noticed that somehow my Firefox had been changed to ‘Open in Firefox’ even though I never personally selected that, maybe it happened with an update. And realized how easy it was for folks to have that setting making the download link super easy to share. I figured I’d just need to either live with it or see if I need to limit things some other way. Happy to hear that there may be a way to bypass it. Thanks again for the update!

    @mrmatthewsg
    The problem (more precisely, the peculiarity of browsers) is related to Content-Type.
    Install the WP Add Mime Types plugin
    And for those extensions that should unconditionally download to a file (not open in a browser), specify the value application/x-force-download.
    For example:

    zip = application/x-force-download
pdf = application/x-force-download
doc = application/x-force-download
7z = application/x-force-download
rar = application/x-force-download
mp4 = application/x-force-download
mkv = application/x-force-download
Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘Force Download’ is closed to new replies.