This is how you do it cross-browser. On the moz-based block, you might need to know a bit of xul to understand in order to script; but operational-wise it does not need any knowledge of it. It just differs from ie now by asking explicitly the xpconnect privilege from the user. The user can deny it, sure. It can be granted on one-time-basis. (Do not click on the remember checkbox and you're remaining safe.) The reason is that by default that privilege is denied (for good reason, and I am not suggesting to switch it permanently to allow.)
The demo is no-nonsense free from artificial irrelevance and well-focused.
[tt]
<html>
<head>
<title>xbs_saveas_gt</title>
<script type="text/javascript">
function go_saveas() {
if (!!window.ActiveXObject) {
document.execCommand("SaveAs");
} else if (!!window.netscape) {
var r=document.createRange();
r.setStartBefore(document.getElementsByTagName("head")[0]);
var oscript=r.createContextualFragment('<script id="scriptid" type="application/x-javascript" src="chrome://global/content/contentAreaUtils.js"><\/script>');
document.body.appendChild(oscript);
r=null;
try {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
saveDocument(document);
} catch (e) {
//no further notice as user explicitly denied the privilege
} finally {
var oscript=document.getElementById("scriptid"); //re-defined
oscript.parentNode.removeChild(oscript);
}
}
}
</script>
</head>
<body>
<a href="#" onclick="go_saveas();return false">save the document</a><br />
</body>
</html>
[/tt]
