I need to offer downloadable *.tar.gz files on a website. For each file, I pre-generated MD5 checksums (and present them alongside the download links, for checking after the download). However, both the file size and the MD5 checksum change after a file was downloaded.
I use the following PHP headers etc.:
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=\"".basename($filename)."\";");
header("Content-Type: application/octet-stream");
header("Content-Encoding: binary");
header("Content-Length: ".filesize($filepath.$filename));
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private");
header("Pragma: public");
ob_clean();
readfile($filepath.$filename);
When downloading the file directly using curl, I get:
file size: 440875
MD5: f03a0995aec6f2f5f8810b635a6829b8
which is correct!
However, when downloading from the website, I get:
file size: 2488320
MD5: 953db14625c978e387540b6742121309
which is the problem!
What can I do to change this?
I was using Safari when I encountered this problem. Using other browsers (Chrome and Firefox), my php headers performed as expected.
On further research I found that Safari is bound to such problems. Here, I was using a php redirect to the *.tar.gz file I provide for download. Using the direct path link to the file did not cause any problems. Only under Safari the file is downloaded and apparently "unzipped" automatically, i.e. removing the .gz extension and creating a larger downloaded file (where MD5 is of course different).
I am a bit disappointed that all other browsers I tested do the right thing, while only Safari has this problem.