Now that I have created the Pocket Notes on the Go Tool for:
- Desktop – Windows
- Desktop – Mac
- iPhone/iPad device (waiting developer approval via UNC)
- android device
- Online demo
I need to allow the user to either
- go to the marketplace to download the apps(iTunes or google play)
- or allow the user to download the software from the site.
Since Apple only allows you to install from the iTunes store, the website will be setup to only allow us to provide downloads for the desktop applications. The Apple and Android device apps will send the user to the respective marketplaces.
Since the browsers are not happy about allowing users to download exe files directly from a link (browser wants you to discard and not keep the download):
The safe browsing option to prevent harmful downloads is to request a php script on the server that allows the user to download the file indirectly. So the following html code which exposes directory structure of your website(security risk if you have something you don’t want stolen):
<p><a class="awesomeButton" href="http://localhost/neppphp/m/pocketnotes/PNsetup.exe">NIM PocketNotes 1.0 (Installer EXE for Windows)</a></p>
is replaced by this:
<p><a class="awesomeButton" href="./../download.php?file=/pocketnotes/PNsetup.exe" target="_self">NIM PocketNotes 1.0 (Installer EXE for Windows)</a><br />
I used a php script which I leveraged (with modifications wrt “It contains a huge security vulnerability which allows an attacker to view arbitrary files on your system (Path traversal).” see stack overflow post). I finally found the following article on stackoverflow about getting around Chrome’s Malicious File Warning. The solution appears to be that you should sign up via Google Webmaster Tools and let googles’ bots scan your site to make sure you are a legitimate entity.