Firefox pre-downloading

Technically, the popup does not ask you whether you really want to download the file; that decision, you already took when you clicked on the link which triggered the download. The popup asks you what Firefox should do with the file when it has been fully downloaded.

Potentially hostile files can be a security issue. Filesystems normally store files as a bunch of bytes and are thus nominally immune to the file contents; but modern operating systems are not content with handling files as files. For instance, if you open a file explorer to see the directory in which downloaded files are stored, and the file has a name which ends in '.jpg' or '.png', then the file explorer will try to interpret the file contents automatically, as a picture, so as to compute and display a miniature view of the said picture. Any security hole in the JPEG or PNG support library could then be exploited by a malicious file, and it does not require any "opening click" on the file, just opening the directory.

The Web is a harsh place.


To disable it just write about:config in the address bar and search for network.prefetch-next.

Set this to false and no pre-downloading should occur. - This does not work on 18.0.2 on Ubuntu or Windows 7, although it is the only method I have found searching the web. I have tried various other settings, nothing worked. It seems that this behavior cannot be disabled.

Supposing that the file contains malware, when the pre-downloading is finished, you may receive an alert from your antivirus.

As long as you do not open the file, you should be safe. If you clicked cancel, Firefox would just delete the file.

Of course, there is always a chance that coupled with a certain vulnerability (in the browser, in the indexing software, etc.) an exploit could be built, but I think this is unlikely.


I can imagine certain conditions for this to become a security issue:

  • The browser downloads the file that triggers a vulnerability in the file browser like the WMF vulnerability
  • A virus scanner might start scanning the partially downloaded file and it could trigger a vulnerability in the scanner. Sophos had some bad press recently.
  • A huge file that is highly compressible would download very quickly and could use up all drive space.
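
The disk-exhaustion case in the last bullet above can be bounded by capping the decompressed size while the body is still streaming. This is an added example, not part of the answers and not Firefox's code; it assumes the body arrives gzip-compressed, and `inflate_capped` and `DownloadTooLarge` are hypothetical names.

```python
import gzip
import io
import zlib


class DownloadTooLarge(Exception):
    """The decompressed body would exceed the configured cap."""


def inflate_capped(chunks, max_bytes, sink):
    """Inflate gzip-encoded chunks into sink; return the bytes written.

    Raises DownloadTooLarge before writing anything past max_bytes.
    """
    d = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)  # | 16: gzip framing
    written = 0

    def emit(out):
        nonlocal written
        written += len(out)
        if written > max_bytes:
            raise DownloadTooLarge(f"body exceeds {max_bytes} bytes")
        sink.write(out)

    for chunk in chunks:
        data = chunk
        while data:
            # Ask for one byte more than the remaining budget: an overrun is
            # detected without inflating the rest of the stream.
            emit(d.decompress(data, max_bytes - written + 1))
            data = d.unconsumed_tail
    emit(d.flush())  # drain anything still buffered in the decompressor
    if not d.eof:
        raise ValueError("truncated gzip stream")
    return written


if __name__ == "__main__":
    # Constructed sample: 10 MB of zeros shrinks to roughly 10 KB on the wire.
    bomb = gzip.compress(b"\0" * 10_000_000)
    wire = [bomb[i:i + 4096] for i in range(0, len(bomb), 4096)]
    try:
        inflate_capped(wire, 1_000_000, io.BytesIO())
    except DownloadTooLarge as exc:
        print(f"{len(bomb)} compressed bytes rejected: {exc}")
```
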