简体繁体 English

下载文件时的浏览器事件保存到磁盘

[英]Browser event when downloaded file is saved to disk

原文 2010-02-26 17:13:23 4 3 javascript/ browser/ download/ save/ dom-events

I have sensitive files to download to users, and each user is permitted to download a given file exactly once. 我有敏感文件要下载给用户，每个用户只能下载一次给定文件。 If the download fails, I want to permit the re-download, but not otherwise. 如果下载失败，我想允许重新下载，但不允许。

It's not sufficient to rely on logging/processing the file download request at the server - I need to know deterministically when the file is complete and in place at the client, since many of my users work in an environment with frequent connectivity drops. 依靠在服务器上记录/处理文件下载请求是不够的 - 我需要确定地知道文件何时完成并在客户端就位，因为我的许多用户在频繁连接丢失的环境中工作。

The most straightforward way for this to work would be if the browser exposed a "file saved" event from the Save As... dialog that could be wired to a JavaScript function on the download page (which could post back to the server). 最直接的方法是，如果浏览器从“另存为...”对话框中公开了“文件已保存”事件，该对话框可以连接到下载页面上的JavaScript函数（可以回发到服务器）。 But, intuition suggests there might be security holes if browsers exposed this functionality, as it sneaks somewhat outside the sandbox. 但是，直觉表明，如果浏览器暴露了这个功能，可能会出现安全漏洞，因为它会在沙箱之外偷偷溜走。 I'm not sure this is even possible. 我不确定这是否可能。

I found several other questions in this area , but nothing about this problem specifically. 我在这个领域发现了其他几个问题，但没有具体说明这个问题。

Any ideas? 有任何想法吗？

Edit: I should not have used the word "security" in the original question, sorry for triggering the red herrings. 编辑：我不应该在原始问题中使用“安全”一词，对不起触发红色鲱鱼。

Edit 2: My "security" phrasing misled folks into offtopic technical security issues, but both of you confirmed my suspicion that "no, there's no browser support for that." 编辑2：我的“安全”措辞误导人们进入了非正式的技术安全问题，但你们两人都证实了我的怀疑，“不，没有浏览器支持。” I'm marking the first commenter with the answer since his first sentence had what I was looking for. 因为他的第一句话得到了我的期待，所以我正在为第一个评论者做出回答。 Thanks all. 谢谢大家。

3 个解决方案

This is a good solution: 这是一个很好的解决方案：

http://gruffcode.com/2010/10/28/detecting-the-file-download-dialog-in-the-browser/ http://gruffcode.com/2010/10/28/detecting-the-file-download-dialog-in-the-browser/

It basically works by setting a cookie in the reponse header of the downloaded file, so javascript periodically can check for the existence of this cookie... 它基本上通过在下载文件的响应头中设置一个cookie来工作，所以javascript会定期检查这个cookie的存在...

There's no such browser event in JavaScript and even if there was you can not trust the user's browser to provide security for you. JavaScript中没有这样的浏览器事件，即使您无法信任用户的浏览器为您提供安全性。

You're better off using a GUID to generate a unique URL for each download. 您最好使用GUID为每次下载生成唯一的URL。 You can then for example: 然后你可以举例如：

let the URL be valid only for a specific time period 让URL仅在特定时间段内有效
allow transfers only from a specific IP address associated with the unique URL 仅允许从与唯一URL关联的特定IP地址进行传输
let your server-side code detect when the content for a unique URL has been fully transferred and then invalidate the URL. 让您的服务器端代码检测何时完全传输了唯一URL的内容，然后使URL无效。

Let me clarify the last bullet. 让我澄清最后一颗子弹。 Say you're using Java - you will in.read(buffer) and out.write(buffer) in a loop until EOF. 假设您正在使用Java - 您将在循环中使用in.read(buffer)和out.write(buffer)直到EOF。 If the client disconnects you will receive an IOException during out.write() and will be able to tell a successful download from an interrupted one. 如果客户端断开连接，您将在out.write()期间收到IOException ，并且能够从中断的数据库中成功下载。 On other platforms, I'm sure there are ways to tell whether the connection was lost or not. 在其他平台上，我确信有办法判断连接是否丢失。

EDIT: You could actually fire a browser event using the trick outlined in the accepted answer of one of the questions you linked to . 编辑：您实际上可以使用您链接的其中一个问题的接受答案中列出的技巧来触发浏览器事件。 That would however not be a reliable solution to limit the number of downloads. 然而，这不是限制下载次数的可靠解决方案。

Why is it important that the file can be downloaded "exactly once"? 为什么文件可以“完全一次”下载很重要？ Once the file is downloaded it could be copied, so is there really a security issue with letting the same user download the file more than once? 下载文件后可以复制，因此让同一个用户多次下载文件确实存在安全问题吗？

If not, could you do something like this: 如果没有，你能做这样的事情：

Generate a unique URL to download a given file. 生成唯一的URL以下载给定文件。 (Use a GUID to obsfucate if necessary) （必要时使用GUID来提供障碍）
Associate that URL with USER INFO (browser type, IP address, etc) AND A TIME WINDOW. 将该URL与USER INFO（浏览器类型，IP地址等）和A TIME WINDOW相关联。 Only allow downloads from that user and during the window. 仅允许该用户和窗口期间的下载。
The window should be long enough for the user to notice the transfer failed and to re-try once or twice, but no longer. 窗口应该足够长，以便用户注意到传输失败并重新尝试一次或两次，但不再重复。

The end result is: 最终结果是：

You can be reasonably sure the file is only being downloaded by the intended recipient. 您可以合理地确定该文件仅由目标收件人下载。
You can be sure that recipient can only download the file during a short window. 您可以确定收件人只能在短时间内下载文件。
The same user could download the file more than once, but who cares? 同一个用户可以多次下载该文件，但谁在乎呢？ It's no different than making a local copy of the first file. 它与制作第一个文件的本地副本没什么不同。

If you're really worried about it, log each download request and run a scheduled report for files that were downloaded more than once. 如果您真的担心它，请记录每个下载请求并为多次下载的文件运行预定报告。 If anything looks fishy you can then examine security logs, talk to the user, etc. 如果看起来有些可疑，您可以检查安全日志，与用户交谈等。