Session Spotlight
How Downloads Really Work
Monday, January 29, 2024 - 4:30 PM UTC, for 1 hour.
Regular, 60 minute presentation
Room: Campsite 1
Everyone downloads files, so everyone knows how Downloads work, right? Well, no. It turns out that to fully understand how web browsers download files, you have to understand everything from low-level networking to high-level user-interface behavior, with tons of fascinating stops in the layers in between. In this talk, we'll start with HTML markup ("How does a browser even know that a URL should be treated as a download?") before diving deep, looking at how downloads work at the Networking levels (TCP/QUIC/TLS) and the implications of network-level behavior on user-visible performance, UI, and more. Even simple things ("How does the browser decide what the file's name should be?") turn out to be richly complex, with details spanning multiple web standards from MIME to Unicode. We'll look at how browsers integrate security services (SmartScreen, SafeBrowsing, Antivirus, etc) to keep the user safe from malicious downloads, and how the host OS can recognize the origins of a file even after the download is long finished. We'll also take a look at "download-like" features like drag/drop, background fetch, the HTML5 File API, and Microsoft DirectInvoke to compare and contrast each with traditional forms of Download. Throughout, we'll use tools (including the built-in browser developer tools and external tools like Telerik Fiddler and the SysInternals' suite) to learn how to observe, debug, and modify how downloads work.
Prerequisites
None: The point of the talk is explaining *everything*.
Take Aways
- How Downloads work on the web
- How to observe and learn about web browsers