How to: allow .pdf files in SharePoint 2010 to open in the browser window

SharePoint will by default request that the user saves a .pdf file and open it locally inside the client application (be it the Adobe, FoxIt, or some other reader). That’s the default behaviour, and it kind of makes sense, since .pdf files are not considered safe.

However, SharePoint 2010 will allow the administrator to change the default behaviour, so that site users can click on a PDF document and have it open inside the browser window.

There are quite a few ways to go about this. MSSharePointTips has a listing of all you could do. For example, one quick and easy way would be to lower the security settings through the Central Administration. However, I would advise against that. Lowering the security settings just for the sake of .pdf files is probably too high a price to pay. However, you could just add the .pdf file type to the list of safe file types. You can do that through the SharePoint PowerShell:

#Get web application object
$webApp = Get-SPWebApplication “web app url”
#List all allowed MIME types for this web application
#Get web application object again
$webapp = Get-SPWebApplication “web app url”
#Add PDF to allowed MIME type list
#Commit changes

(taken from MSSharePointTips)


It goes without saying that you can do the exact same thing through code. Add a reference to Microsoft.SharePoint.Administration and:

SPSite site = new SPSite(absoluteSiteURL);
SPWebApplication webapp = site.WebApplication;
if (!webapp.AllowedInlineDownloadedMimeTypes.Contains(“application/pdf”))


MGR: the Intelogist

About MGR: the Intelogist

SharePoint Server developer, turned Sitefinity developer, turned Angular developer, turned SharePoint Online consultant, turned Unily consultant, turned O365 consultant... Never a dull moment!

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> 

This site uses Akismet to reduce spam. Learn how your comment data is processed.