Most browsers have an inbuilt capability to execute certain types of files. When these types of files encountered in a URL, typically when you click on a PDF Document or Attachment in Salesforce, the browser executes them and displays them in the browser itself, without triggering a "Save As" popup.
For Example, <Instance>/servlet/servlet.FileDownload?file=<DocumentID>
However, in Salesforce, you can choose the default behavior of such kind of files.
From the Setup Menu, Navigate to Security Controls -> File Upload and Download Security.
This page lists the type of files and their Default Download behavior. There are 3 options available :
a) Download (Recommended): The file is always downloaded.
b) Execute in Browser: The file is displayed and executed automatically when accessed in a browser or through an HTTP request.
c) Hybrid: The file uses the default browser execution behavior but Salesforce CRM and Chatter files are downloaded.
Official Documentation at https://help.salesforce.com/apex/HTViewHelpDoc?id=admin_files_type_security.htm
posted on 4 March 2015
Salesforce Security Download File Behavior