Forum Discussion
SharePoint Server: is the Browser File Handling obsolete today with Chrome & Edge?
For SharePoint Server 2016+:
Is the Browser File Handling setting (Strict/Permissive) obsolete in today's world with Chromium-based browsers?
The feature is built on the HTTP Response Header “X-Download-Options: noopen” - is that valid for modern browsers?
Thanks!
The Browser File Handling setting in SharePoint Server is still relevant in today's world, even with Chromium-based browsers like Chrome and Edge. The feature is used to control how a browser handles different types of files that are served by SharePoint, and it can help to mitigate security risks associated with file downloads.
The HTTP Response Header "X-Download-Options: noopen" is still valid and supported by modern browsers, including Chromium-based ones. This header instructs the browser not to open the file directly in the browser, but rather prompt the user to save it or open it in a separate application. This can help prevent certain types of attacks, such as cross-site scripting (XSS) and content sniffing.
In summary, the Browser File Handling setting and the "X-Download-Options: noopen" header are still relevant and effective in modern browsers and can help improve the security of your SharePoint environment.
If I have answered your question, please mark your post as SolvedIf you like my response, please give it a like
2 Replies
The Browser File Handling setting in SharePoint Server is still relevant in today's world, even with Chromium-based browsers like Chrome and Edge. The feature is used to control how a browser handles different types of files that are served by SharePoint, and it can help to mitigate security risks associated with file downloads.
The HTTP Response Header "X-Download-Options: noopen" is still valid and supported by modern browsers, including Chromium-based ones. This header instructs the browser not to open the file directly in the browser, but rather prompt the user to save it or open it in a separate application. This can help prevent certain types of attacks, such as cross-site scripting (XSS) and content sniffing.
In summary, the Browser File Handling setting and the "X-Download-Options: noopen" header are still relevant and effective in modern browsers and can help improve the security of your SharePoint environment.
If I have answered your question, please mark your post as SolvedIf you like my response, please give it a like- Sorry for my late response. Brilliant, thanks for the informative reply!
