Sharepoint - How do I prevent Sharepoint from asking to download html files to my local machine?

Both the description and the solution of your issue can be found here : Unable to Open PDF Directly from SharePoint 2010 ([Link edited on 11/20/2013].

Basically, it's a security feature (that can be disable, if you accept the implication), that prevent some files to be displayed in the browser directly. Typically, what would prevent someone to put some javascript in the html file and gain privileges of the viewing user?

If you are ok with that, as the article state :

You can modify SharePoint’s behavior by changing the Browser File Handling option in the Web Application General Settings of SharePoint 2010. Your options are permissive and strict, with strict being the default.

Set it to permissive, and this should works.

I don't know your requirement, but can you imagine an alternative, like using direct html content in publishing and / or wiki pages ?

[Edit] There's a cleaner way to workaround this behavior. Instead of disabling this security settings, you should allow only mime types you want to allow to be seen in the browser.

The allowed mime types are defined in the SPWebApplication.AllowedInlineDownloadedMimeTypes Property

Here is small PowerShell utility function I use:

function Add-SPAllowedInlineDownloadedMimeType{
    [CmdLetBinding()]
    param(
        [Parameter(Mandatory=$true, Position=0, ValueFromPipeLine=$true)]
        [Microsoft.SharePoint.PowerShell.SPWebApplicationPipeBind]$WebApplication,
        [Parameter(Mandatory=$true, Position=1)]
        [string]$MimeType
    )
    process{
        $actualWebApp = $WebApplication.Read()
        if ($actualWebApp.AllowedInlineDownloadedMimeTypes -notcontains $mimetype)
        {
           Write-Host "Adding MIME Type..."
           $actualWebApp.AllowedInlineDownloadedMimeTypes.Add($mimetype)
           $actualWebApp.Update()
           Write-Host "Done."
        } Else {
           Write-Host -ForegroundColor Green "MIME type is already added."
        }
    }
}

And it can be used like this:

Add-SPAllowedInlineDownloadedMimeType -WebApplication http://mywebapp -MimeType "text/html"

Just change the extension to .aspx.

Tags:

Html

View