Security prompt when opening executable files
Basics
Documents generated in CRM (e.g. single letter, serial letter) are always opened without a warning because they are considered trustworthy.
However, documents imported by the user or interface are always checked for their trustworthiness before being opened (read or edited).
There are three application settings for this:
WARN_FILEEXT
WARN_MIMETYPE
WARN_MIMETYPE_EXCLUDE
Figure: Configuration of the application parameters
With the help of these application parameters, the trustworthiness check when opening documents can be adapted to your own requirements.
Application parameter: MIMETypeList - property: WARN_MIMETYPE
List of all MIME types for which the user gets a warning before opening the document (regardless of read or write mode).
In the delivery version, this includes e.g. exe, bat or Office files with macros, such as doc, docm, xls, xlsm, xlsb, ppt, etc.
Office files without macros (such as xlsx, docx, pptx) are not included here, so no warning message appears for them.
In the delivery version, this includes the following MIME types:
application/vnd.ms-excel
application/msword
application/vnd.ms-powerpoint
application/vnd.visio
application/bat
application/java-archive
application/mediaservercontrol+xml
application/vnd.microsoft.portable-executable
application/vnd\..*macroenabled.*
application/wsdl+xml
application/wspolicy+xml
application/x-7z-compressed
application/x-apple-diskimage
application/x-bat
application/x-dosexec
application/x-executable
application/x-gzip
application/x-ms-application
application/x-msdos-program
application/x-msdownload.*
application/x-msi
application/x-rar-compressed
application/x-sh
application/x-sharedlib
application/x-ustar
application/zip
model/mesh
text/x-python
application/x-ms-installer
text/javascript
application/sparql-query
application/ecmascript
application/javascript
text/vnd.wap.wmlscript
application/x-csh
application/x-tcl
Application parameter: MIMETypeList - property: WARN_MIMETYPE_EXCLUDE
List of all MIME types for which the user does not receive a warning before opening the document, although they are included in the warning list above via a regular expression.
For example, the warning list includes all Office documents with macros via the regular expression application/vnd\..*macroenabled.*
If you want to exclude all PowerPoint documents from this, you can either list all PowerPoint MIME types individually here or cover them with a single regular expression: "application/vnd\.ms-powerpoint\..*"
In the delivery version, this entry is empty.
Application parameter: MIMETypeList - property: WARN_FILEEXT
Listing of all file extensions whose MIME type is trusted (such as text/plain for ps1 files), but which would still cause an application to run when opened.
In the delivery version, this includes the following file extensions:
ps1
sh
rq
es
js
wmls
csh
tcl
Special feature Windows Client
If the system setting "Windows specific access to open documents" is not activated, text-based documents are always opened in the text editor and not executed. In this case, no warning message appears, although a ps1 file is opened here, for example.
The MIME type of a file can be determined quite easily, e.g. via https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types.
Application scenario I
Example: The customer always wants to allow external PowerPoint documents.
Procedure:
Determining the MIME types for PowerPoint
ppsx = application/vnd.openxmlformats-officedocument.presentationml.slideshow
ppsm = application/vnd.ms-powerpoint.slideshow.macroEnabled.12
ppt = application/vnd.ms-powerpoint
pptm = application/vnd.ms-powerpoint.presentation.macroEnabled.12
Variant 1
Entry of all four MIME types in the exception list for WARN_MIMETYPE_EXCLUDE
Variant 2
Entry of a regular expression that maps all four MIME types: application/vnd\.ms-powerpoint.*
Result:
Subsequently, external PowerPoint files are opened in the application without any prompt.
Application scenario II
Example: The customer always wants to allow external Word and Excel documents.
Solution
Entry of the following regular expressions, which map all Word and Excel MIME types:
application/vnd\.ms-excel.*
application/vnd\.ms-word.*
application/msword
Result
Subsequently, external Word and Excel files are opened in the application without any prompt.
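The following added example (not part of the product or its documentation) models the check for both application scenarios in Python, so that an exclusion pattern can be tested before it is entered in WARN_MIMETYPE_EXCLUDE. It assumes case-insensitive whole-string regex matching, that the exclusion list only overrides MIME-type matches, and that WARN_FILEEXT is checked independently; the docm and xlsm MIME types are the registered Office types and are not taken from this page.

```python
import re

# Subset of the delivery-version WARN_MIMETYPE and WARN_FILEEXT lists from this page.
WARN_MIMETYPE = [
    r"application/vnd.ms-excel", r"application/msword",
    r"application/vnd.ms-powerpoint", r"application/vnd\..*macroenabled.*",
]
WARN_FILEEXT = {"ps1", "sh", "rq", "es", "js", "wmls", "csh", "tcl"}

# Constructed sample input: the PowerPoint types from scenario I, plus doc, docm
# and xlsm (registered Office MIME types, not listed on this page).
SAMPLE_TYPES = {
    "ppsx": "application/vnd.openxmlformats-officedocument.presentationml.slideshow",
    "ppsm": "application/vnd.ms-powerpoint.slideshow.macroEnabled.12",
    "ppt": "application/vnd.ms-powerpoint",
    "pptm": "application/vnd.ms-powerpoint.presentation.macroEnabled.12",
    "doc": "application/msword",
    "docm": "application/vnd.ms-word.document.macroEnabled.12",
    "xlsm": "application/vnd.ms-excel.sheet.macroEnabled.12",
}


def _matches(patterns, mime):
    # Assumption: whole-string, case-insensitive match (the warning list writes
    # "macroenabled" in lower case while the MIME types use "macroEnabled").
    return any(re.fullmatch(p, mime, re.IGNORECASE) for p in patterns)


def needs_warning(mime, ext, exclude):
    """True if opening the file would prompt under the assumed rule order."""
    if ext.lower() in WARN_FILEEXT:  # assumption: extension check is independent
        return True
    return _matches(WARN_MIMETYPE, mime) and not _matches(exclude, mime)


def silenced_by(exclude):
    """Extensions from SAMPLE_TYPES that lose their prompt because of `exclude`."""
    return sorted(
        ext for ext, mime in SAMPLE_TYPES.items()
        if needs_warning(mime, ext, []) and not needs_warning(mime, ext, exclude)
    )


if __name__ == "__main__":
    print(silenced_by([r"application/vnd\.ms-powerpoint.*"]))  # scenario I, variant 2
    print(silenced_by([r"application/vnd\.ms-.*"]))            # broader than intended
```

Under these assumptions the Variant 2 pattern removes the prompt for ppsm, ppt and pptm only; ppsx never prompted because its MIME type is not on the warning list. A broader pattern such as application/vnd\.ms-.* would also remove the prompt for macro-enabled Word and Excel files.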