Content-Disposition header missing from dist.torproject.org
Here's a full set of headers when fetching The Tor Browser from the aus1 endpoint:
Date: Sun, 25 Apr 2021 04:20:48 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Xss-Protection: 1
Referrer-Policy: no-referrer
Strict-Transport-Security: max-age=15768000; preload
Content-Security-Policy: default-src 'self';
Last-Modified: [Redacted]
ETag: "[Redacted]"
Accept-Ranges: bytes
Content-Length: 801
Cache-Control: max-age=3600
Expires: [Redacted]
Vary: Accept-Encoding
Connection: close
Content-Type: text/plain
Content-Disposition
seems to be missing. Adding that header will help create robust applications that download files from that specific endpoint and store them in a cleanner manner that's agnostic towards the URL itself.
Here's a small code sample in Python that would utilize the header:
import urllib
tor_aus1_request = urllib.request.urlopen(https://aus1.torproject.org/torbrowser/update_3/release/downloads.json)
tor_binary_filename = tor_aus1_request.headers['Content-Disposition']
print(tor_binary_filename)
Relevant Links
Edited by n0toose