Browser File Handling in SharePoint 2010


*** Updated 27-2-2013 ***

Sympton
By default, when you open a PDF file from a document library, you will get the following screen (IE9):

image

Causes
This by design. A quote from Microsoft:

This is intentional behavior. In 2010 we’ve tightened up security for people with contribute access. Previously, a malicious user could upload a file with script in it that would get run as whoever browses to the page ie. an admin. In 2010 where we have a javascript object model, this would be a big problem if we didn’t have this restriction in place.

Solution

Special thanks to Jose Luis Arbelaez for pointing out the correct way for doing this.

If you want to add PDF files to be opened directly, you can use PowerShell to add the PDF file type to the AllowedInlineDownloadMimeTypes.

To do this for all Web Applications, use the following line of code:

Get-SPWebApplication | %{$_.AllowedInlineDownloadedMimeTypes.Add("application/pdf");$_.Update()}

Solution #1
This solution has to be applied for each Web Application in your SharePoint farm.

Open up Central Administration, and click Manage Web Applications.

image

Next, select the web application for which you want to change the Browser File Handling, and click General Settings in the ribbon. Change the Browser File Handling from Strict to Permissive and click OK.

image

*** NOTE *** If this does not work for you, you might want to check the Extra Information.

– Solution #2
You might have guessed it, but PowerShell also provides a solution to this. I have created a script that will set the Browser File Handling for all document libraries and lists to permissive in your SharePoint 2010 farm. This is not per Web Application. This script is available as a download in the Technet Gallery.

Extra Information

I have seen some problems with this in various environments. When you work with site / list templates, the default setting provided by the Web Application, may not be transferred when you create a new site / list based on a custom template. For this purpose, I created the script that is available for download in the Technet Gallery.

Advertisements

One thought on “Browser File Handling in SharePoint 2010

  1. Nico,

    I came across this while searching for other content. I just wanted to point out that changing the file handling to permissive can be risky. believe me, that opens the door not just to PDFs but more. I have seen users invoke calls within html or text files when settings are set the way you suggest. I recommend using the following powershell script for PDF while leaving the setting ‘Strict’:

    $webApplication = Get-SPWebApplication “http:/yourwebapplicationurl”
    $webAppApplication.AllowedInlineDownloadedMimeTypes.Add(“application/pdf”)
    $webApplication.Update()

    This is the best practice for allowing the MIME type for a PDF in a SharePoint environment

    You can find more info here: http://social.technet.microsoft.com/wiki/contents/articles/8073.sharepoint-2010-browser-file-handling-deep-dive.aspx

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s