While supporting an intranet application on SharePoint 2010 for a Swedish client in my company, a lot of users complained about PDF files not been able to open in browser as a default behavior in SharePoint 2010 Lists. In some cases, it does offer you the option of 'Read' or 'Save' but despite of choosing the 'Read' option, the PDF still saves a copy to the file-system! To remind you, back in SharePoint 2007 the default behavior was that the PDF files would open directly in the browser, so obviously this is considered an unusual behavior in SharePoint 2010.
My study found a lot of threads on MSDN forums and Stack Overflow which do a offer solutions to introduce a custom 3rd party jQuery code in your Master Page or CEWP (Content Editor WebPart) but choosing an out-of-box solution is always preferred.
The way it works with SharePoint 2010 basically - PDF files (basically the PDF MIME type) are not considered safe hence saving them to the file-system and opening them is the only option users have. That’s annoying! Amongst the list of allowed MIME types which SharePoint 2010 allows for a Web Application, PDF isn’t in the list.
Solution 1:
Modify the General Settings of the Web Application in CAS (Central Administration System) to allow “Permissive browser handling” which means the browser will be able open up file types which are not in the list of permissible MIME types.
Perhaps, this might be the easiest way of achieving or intent but it also leaves the browser vulnerable and allows all file types to be opened. This is definitely not a good security practice. Check the other solution.
Solution 2:
We can use PowerShell to explicitly include PDF in the list of allowed MIME types. Note that this setting is applied at Web Application level hence making this solution better than Solution 1 as it does not open up any other MIME types. Make sure you use an account with adequate privileges to execute the PowerShell script. Execute the PowerShell script in the SharePoint 2010 Management Shell after modifying the Web Application URL in the first line. Following are some PowerShell snippets with their description.
List all permissible MIME types:
Add PDF MIME type to this list:
Remove PDF MIME type from this list:
Disclaimer:
Personally, I have tested both the methods and they work fine when you do the way to allow PDF files. But when you do the opposite way i.e. to disallow PDF, the changes do not get applied, leaving you with the first applied setting.
Here is one such case on the Internet. Also check the comments at the end.
My study found a lot of threads on MSDN forums and Stack Overflow which do a offer solutions to introduce a custom 3rd party jQuery code in your Master Page or CEWP (Content Editor WebPart) but choosing an out-of-box solution is always preferred.
The way it works with SharePoint 2010 basically - PDF files (basically the PDF MIME type) are not considered safe hence saving them to the file-system and opening them is the only option users have. That’s annoying! Amongst the list of allowed MIME types which SharePoint 2010 allows for a Web Application, PDF isn’t in the list.
Solution 1:
Modify the General Settings of the Web Application in CAS (Central Administration System) to allow “Permissive browser handling” which means the browser will be able open up file types which are not in the list of permissible MIME types.
Perhaps, this might be the easiest way of achieving or intent but it also leaves the browser vulnerable and allows all file types to be opened. This is definitely not a good security practice. Check the other solution.
Solution 2:
We can use PowerShell to explicitly include PDF in the list of allowed MIME types. Note that this setting is applied at Web Application level hence making this solution better than Solution 1 as it does not open up any other MIME types. Make sure you use an account with adequate privileges to execute the PowerShell script. Execute the PowerShell script in the SharePoint 2010 Management Shell after modifying the Web Application URL in the first line. Following are some PowerShell snippets with their description.
List all permissible MIME types:
- $webapp = Get-SPWebApplication http://localhost:8080/
- $webapp.AllowedInlineDownloadedMimeTypes
- $webapp.Update()
Add PDF MIME type to this list:
- $webapp = Get-SPWebApplication http://localhost:8080/
- $webapp.AllowedInlineDownloadedMimeTypes.Add(“application/pdf”)
- $webapp.Update()
Remove PDF MIME type from this list:
- $webapp = Get-SPWebApplication http://localhost:8080/
- $webapp.AllowedInlineDownloadedMimeTypes.Remove(“application/pdf”)
- $webapp.Update()
Download the PowerShell script here: (Reset the IIS after you execute the script) |
Disclaimer:
Personally, I have tested both the methods and they work fine when you do the way to allow PDF files. But when you do the opposite way i.e. to disallow PDF, the changes do not get applied, leaving you with the first applied setting.
Here is one such case on the Internet. Also check the comments at the end.