Forum Discussion
SmartScreen turned off -> Java Webstart JNLP Files are marked as "can harm your computer"
Starting with Edge v85 (currently in beta) there is a new policy "ExemptDomainFileTypePairsFromFileTypeDownloadWarnings" available which solves this issue:
See Documentation:
I can confirm this works with
Edge Beta 85.0.564.30
Edge Dev 86.0.594.1
BUT be aware: The text in the documentation is correct, but the given Samples in the documentation are currently wrong!
Citing the Sample in the docs:SOFTWARE\Policies\Microsoft\Edge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings\1
= {'domains': ['https://contoso.com', 'contoso2.com'], 'file_extension': 'jnlp'}
The single quotes in the examples are wrong, only double quotes are accepted and work! So this should be corrected to:
= {"domains": ["https://contoso.com", "contoso2.com"], "file_extension": "jnlp"}To check my JNLP JavaWebStart Sample-Link https://hitco.at/java-webstart-demo/ successfully working, use following registry-Keys:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings] "1"="{\"domains\": [\"https://*.hitco.at\", \"https://hitco.at\"], \"file_extension\": \"jnlp\"}"
Uaslam maybe you like to describe your scenario in more detail and provide a screenshot of the relevant edge://policy/ settings to check in detail what you configured and why it is not working as you expected.
Each time a user reply, reply all or Forward an email in the email pane in Dynamics 365, see below:
They get the following download message 'xyz.eml was blocked because this type of file can harm your device'.
I have made the changed to the settings as per your post, but that has made no difference. See the screenshot below for the edge://policy/
I can reproduce the same problem on Chrome too.
Thanks
HowonChoi I have no Idea what you like to tell or ask. Using edge://policy to view your current settings offers no GUI to change the according Registry-Keys directly in Edge. Use MDM, GroupPolicies or directly edit the Registry-Keys according to your needs / Management-System.
You find the Policy Reference here:
https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policiesGunnar-Haslinger edge://policy/ 에서 AutoOpenFileTypes 와 AutoOpenAllowedForURLs Policy 수정이 가능한가요?
KamranB that's possible using the AutoOpenFileTypes and AutoOpenAllowedForURLs Policy.
Has anyone got these files to open automatically rather than having to download/save/open?
PeDe You show us a Problem with JNLP (Java WebStart Files) but give us Links to html-Files, so that are not the URLs of the jnlp files but just html-File Links. Have a Look at the REAL URL of the jnlp Files and not the html-File which probably contains code to download jnlp
DRAC 8 https://FQDN/index.html
DRAC 9 https://FQDN/restgui/index.html
It looks ok, i just removed the Domain from the screenshot. I also was in touch with Dell and asked them why Dell iDRAC 8 would work with this workaround and Dell iDrac 9 would not. They said it relies on the browser and as it works with 8 everything would be fine from their side. Since it only checks for the ending...
So there must be something wrong with Edge...
Support wouldn´t escalate it further up the chain.
Only difference i can see ist that the urls look diffrent:
DRAC 8 https://FQDN/index.html
DRAC 9 https://FQDN/restgui/index.htmlThe one with red x is the DRAC 9 and the other one DRAC 8
And in the file explorer you see the temporary file, when i select keep it works but shouldn´t it work in both since it checks domain and filextension only?
Oh dear how embarrassing. A rookie mistake. I had been focused on the Onedrive URL and not even noticed they were different.
Thanks for pointing that out and it is now working as expected. I suspect my issue with the other domain is similar!
Cheers
Antony Paul your Policy-Screenshot shows a different domain than your link:
https://nottinghill.sharepoint.com
https://nottinghill-my.sharepoint.comYour advice on this thread has been very useful for me when testing this policy so thank you for that
Has anyone else had issues getting this to work when specifying a domain? I am trying to solve an issue where smartscreen is by default blocking the downloading of msg files in Edge (Version: 1.3.145.49) and the users have to override the warning by selecting keep each time.
If I use a wildcard for the domains it works correctly and the file downloads without the smartscreen prompt.
But if I want to lock this down to a specific domain, in this case our sharepoint, the file is blocked by smartscreen
The redacted link of the msg file
https://nottinghill.sharepoint.com/:u:/r/loremipsum/Shared%20Documents/1061689.msg?csf=1&web=1&e=Tb4Qne
I have tried adding * before and after but no joy
I have replicated this behaviour with another domain as well.
Very puzzling
Theo2424 your screenshot shows that your registry-Key is not formatted right.
My "regedit code sample" was not provided to be copied into regedit but in a .reg file to import in regedit, therefore escaping of the quotes is needed in .reg Files but not in regedit graphical Editor itself.
Compare with this working screenshot:
Hello everyone,
First of all, thank you very much for your contributions Unfortunately the solution doesn't work for me yet.
Maybe a mistake was included ... I would be very grateful for your help
Path in Registry:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings
Thanks alot
Theo
Uaslam I have no Idea how you configured this policy to produce an edge://policy Screenshot showing two separate entries (two separate lines). The policy seems to be designed to configure one extension per entry allowing to address multiple domains per entry/extension. But even if I try to do it how I guess you did it (adding two policies for "eml" Extension) I cannot reproduce a screenshot like yours. As you made the interesting part unreadable I'm not able to help.
I suggest to start with this single line globally setting eml not to be harmful, if this works you can play arround to find out what's wrong with your domain-entries.
Regedit-File:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings]
"1"="{\"domains\": [\"*\"], \"file_extension\": \"eml\"}"
