File download
OpenFin gives application providers a security-first approach to seamlessly download files from within applications. Some of OpenFin’s APIs (such as launchExternalProcess()) offer greater access to the system than typical Web APIs, and our file download support has been designed with that in mind. This model ensures downloadable files are originating from known, trusted locations and reduces the risk of any content being downloaded that is not considered safe. It also reduces the number of steps an end-user performs to display the content.
Application providers can create streamlined workflows for their end-user, such as the following:
- Download and launch files with a single click
- Download and save files to a predefined location
OpenFin provides application developers with the necessary tools to do things like following:
- Set download locations via an API call
- Determine rules for where files can be sourced
- Determine rules for specific file types
Downloading files in your application
Implementing file download workflows in your application requires you add the following to the manifest:
- Declare your use of secured APIs. Desktop owners might still block your application from using these APIs; refer to API security for details.
- Define locations to download from, allowed file types, and whether to prompt the user when downloading.
Secured APIs
The secured APIs you might want to use for file download workflows include the following:
- Application.setFileDownloadLocation() to set a location for downloading files if you do not prompt the user each time.
- System.downloadAsset()
- System.launchExternalProcess() if you want to run another program to open, print, or otherwise handle the file. Refer to the final example in the System.launchExternalProcess() tutorial to see how to get the UUID of the downloaded file.
Defining how to handle file downloads
The following manifest properties are used to manage the file download experience:
defaultDomainSettingsis the object that contains the file download rules. It can appear as an option forstartup_apporplatform, as appropriate to the application.rulesis an array of rule definition objects, each consisting ofmatch, andoptionsorbehaviormembers.matchis an array of match patterns. Depending on where and how it is used, it can defines URLs of domains that files can be downloaded from or file types that can be downloaded. Wildcards for subdomains are supported. You can also use<all_urls>to match all URLs.optionscontainsdownloadSettings, which in turn contains arulesobject defining file types to match, and behavior for matched file types.behaviordefines whether the end-user should be prompted with a Save As dialog from the operating system. Possible values are:prompt: The default. A user is shown the default download dialog box from the operating system.no-prompt: The file is downloaded automatically, without user intervention.
Download configuration example
In the following example subsets of a manifest, for all subdomains of example.com, PNG and JPEG files are downloaded without prompting the user.
{ "platform" :{
"defaultDomainSettings": {
"rules": [
{
"match": [
"*/*.example.com"
],
"options": {
"downloadSettings": {
"rules": [
{
"match": [
"*://*/*.png", "*://*/*.jpg"
],
"behavior": "no-prompt"
}
]
}
}
}
]
}
}
}
{ "startup_app" :{
"defaultDomainSettings": {
"rules": [
{
"match": [
"*/*.example.com"
],
"options": {
"downloadSettings": {
"rules": [
{
"match": [
"*://*/*.png", "*://*/*.jpg"
],
"behavior": "no-prompt"
}
]
}
}
}
]
}
}
}
Updated almost 2 years ago