Here is a tip when you are programming something that you want your file’s path to be hidden. It’s specially when its under a secure connection or https or SSL connection.
- Remember the mime type ea. image/jpg
- Remember the file name ea. image.jpg
- Remember not to put expiration and no-cache on your header
- Remember to open it on another tab or window as much as possible
- When you are debugging you can remove the headers so the file won’t be downloaded
Hope this tips can help you specially #3 because your download will fail on lower version of IE.