Browser File Handling and avoiding Permissive mode

A change in behavior from SharePoint 2007 to SharePoint 2010 is that only file types marked as “safe” are allowed to be opened in the browser (think PDF) or opened on a download request (instead of just saved to disk).

One way to work around this is to set the Browser File Handling policy to Permissive, from Strict, on the Web Application. This has a negative impact on security as clients may open harmful content from SharePoint without being prompted to do so.

The preferred way of handling this is to leave the Browser File Handling on the Strict mode, then from the SharePoint Command Shell, run:

$webApp = Get-SPWebApplication("http://webAppUrl")

This example is to add the MIME type for PDF to be allowed to open within the browser window instead of forcing the user to save the file to disk before opening it.

Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.