Can you show us that part of your code? It’s hard to tell what part is broken when we can’t even see the parts! 
I doubt that it’s Anvil. Web browsers have built-in security, to protect the user’s PC. The user has to manually start and/or accept each download. For each download, they may choose where to put the resulting file, and what to call it.
If we didn’t have that manual intervention from the user, bad code could rapidly destroy the user’s existing files, and cripple their PC (or worse), before they could even blink.