By: Manoj V | Updated: 2011-09-21 | Comments (1) | Sharepoint
When we try to open PDF files from a SharePoint 2010 library using IE 8 or above, we get prompted to Save the file and it does not open in the browser directly. In a vanilla SharePoint implementation the browser always prompts user to save the PDF file rather than opening it.
This behavior can be very annoying for end users and a bigger concern is that such behavior promotes saving the files on the local computer even if the document is designed for view only.
The reason for this behavior is the Browser File Handling setting in SharePoint 2010. This is a SharePoint web application level setting and this property determines how file are treated in browser.
When we open a PDF file from a SharePoint 2010 library or list, we are prompted to open the file as Read-only (assuming that we have pdf Reader installed).
Next we are prompted to Save the file locally rather than opening in browser.
Each Document Library in SharePoint 2010 actually has a property titled BrowserFileHandling that is set based on the BrowserFileHandling selection at the Web Application level. SharePoint 2010 utilizes an enhanced security feature in Internet Explorer 8 and above to block the opening of file types it considers vulnerable to scripting or other attacks, such as PDFs, HTML, etc. We can modify SharePoint's behavior by changing the Browser File Handling option in the Web Application General Settings of SharePoint 2010 web application. We have two options: Strict (being the default) and Permissive.
We can also set the Browser File Handling of the web application using the following PowerShell commands:
#Get web application object $webApp = Get-SPWebApplication "web app url" #Set property as Permissive $webApp.BrowserFileHandling = "Permissive" #Commit changes $webapp.Update()
To let the PDF file open within the web browser, change the Browser File Handling
setting to "Permissive". Now if we try to open the PDF file it will open in the
browser. For Adobe Reader, there is a setting to enable opening PDF documents in
browser or in Adobe Reader client application. Irrespective of this setting in Reader
Browser File Handling should be "Permissive" for the PDF to open directly.
But changing the Web Application Browser File Handling setting to Permissive will allow all MIME types to be opened in the Browser, which is a security risk. The work around is to add PDF to allowable list of MIME types in SharePoint 2010. This can be achieved by using PowerShell scripts as shown below:
In the above image we list all the allowed MIME types for our web application using the "Get-SPWebAppplication.AllowedInlineDownloadedMimeTypes" property. Next we add the PDF MIME type to the list.
Here are the PowerShell commands I have used in the images above:
#Get web application object $webApp = Get-SPWebApplication "web app url" #List all allowed MIME types for this web application $webApp.AllowedInlineDownloadedMimeTypes #Get web application object again $webapp = Get-SPWebApplication "web app url" #Add PDF to allowed MIME type list $webapp.AllowedInlineDownloadedMimeTypes.Add("application/pdf") #Commit changes $webapp.Update()
The Browser File Handling can also be set for Lists and Libraries using the "SPList.BrowserFileHandling" Property. Here are the PowerShell commands to change the Browser File Handling property of a List to "Strict".
#Get site object $web = Get-SPWeb "site url" #Get the List object $docLib = $web.lists["List name"] #Change setting to Strict $docLib.BrowserFileHandling = "Strict" #Commit changes $docLib.Update()
Now we have a web application with the Browser File Handling set to "Permissive" and a List with Browser File Handling set to "Strict". In this case all PDF documents in this List will prompt to Save locally and PDFs in other Lists and Libraries in this site will open in browser.
#To view the current Browser File Handling property value for the web application $webApp.BrowserFileHandling #To view the current Browser File Handling property value for the List/Library $docLib.BrowserFileHandling
You may have to perform an IIS reset for the changes to take effect at the web application level.
If SPWebApplication.BrowserFileHandling is Permissive, we can programmatically (no UI) overwrite list level BrowserFileHandling property to be Strict. Unfortunately, it does not work in reverse; list-level property cannot overwrite WebApplication setting "Strict".
PDF file prompting to Save rather than opening is a common issue with most vanilla SharePoint implementations. Using PowerShell scripts we can control which type of file will be allowed to open in browser and which ones will not be. Again SPBrowserFileHandling can be also an attribute in Manifest.xml
- SPWebApplication.AllowedInlineDownloadedMimeTypes Property
- IE8 Security Part V: Comprehensive Protection
- SPList.BrowserFileHandling Property
- SPWebApplication.BrowserFileHandling Property
- Schema for Manifest.xml
- Check out these other tips
Last Updated: 2011-09-21