Browser behaviour when 403 Response with Content-Disposition Attachment header

If client requests for a file download for which the logged in user does not have permissions, server should not set content-disposition:attachment header. If the header is set and if 403 (Forbidden) status code returned by the server, then client shows weird message as file not found.

Comments

Popular posts from this blog

Proper way to have an anchor tag with onclick event

My FIRE Journey

CORS issues with IE9 and workarounds