Verify that the "Saved to filename 'blabla'" message is only displayed when the 'blabla' filename being used _actually_ has been specified by the server in the Content-Disposition header. Use relative path for unintended file creation postcheck.
Add a postcheck section to verify unintended file creation. Remove needless <file> checks in verify section. Renumbering where appropriate.