[sclug] Local execution form web app

[simon@spudley.com]

You wrote:
> A typical use case is to configure the web app to download a text file (say
> some auto-generated report) from the web server and open it in a local text
> editor - but there are no limits on what the local application could  be.

On a conceptual level, you're not asking for anything more than they already do -- pdf, doc, and a bunch of other file types will likely already be configured by the users' browsers to do exactly the sort of thing you're proposing. All you're asking for is an arbrtrary new file type to be configured in the browser along the same lines.

Unless it's a file type with known security issues like .exe or .scr, there's no reason for a sysadmin to particularly want to block the file type from being downloaded, especially in a local intranet context (an external block may still be reasonable, but that's not an issue for you).

The security risk will be in what program you specify to open the files with, and what that program does with files that it opens. But since that's entirely configurable at the client end, it's outside your realm.

All your web app needs to do is present the file for download, and leave it up to the browser how to handle it.

You'll never have a 100% smooth "click on the link and open the program", because the browser will always offer to open the file or download it, but users are used to that functionality already so it should be good enough.

HTH.


   Simon C.