SharePoint has a nice little security feature for blocking certain files from being uploaded to SharePoint libraries because of security issues. Each Web application maintains a list of blocked file types that is based on file name extensions. For example, you can block files that have the .exe extension because those files can be run on the client computer and can contain malicious code. I was asked a question the other day about blocked file types in SharePoint 2010 and how to allow them into a SharePoint repository. Now I realize that this is a massive risk but the client had a reason for wanting to do this because they wanted to store installation packages in a SharePoint library. This is generally considered not best practices, but if you have a site that is trusted and only a few individuals have upload rights, you are effectively creating a network share for installation packages.
However, I will stress that you should never allow any executable file in your SharePoint site. But…there is an exception to every rule and this is probably one of them.
Using SharePoint 2010 Central Admin
First navigate to Central admin and once there click on the security section
Once in the security section you need to be in General Security | Define blocked file types
Here you will find a list of file with file type extensions just add or remove the files you wish to block or unblock and then click ok. This is a global setting across all site collections so happy blocking. And don’t forget to check and tighten up on the media files including WMA, MP3, MP4, MOV, WMV etc. it will save you gigabytes of storage later.
Using PowerShell Commandlets
Get-SPBlockedFileType
function Get-SPBlockedFileType { <# .Synopsis This function can be used to retrieve blocked file types for a SharePoint Web Application. .Description This PowerShell function uses the SharePoint Object Model to get all file types in the BlockedFileExtensions property for a Web Application. .Example C:\PS>Get-SPBlockedFileType -WebApplication http://intranet This example gets blocked file types for a SharePoint Web Application at http://intranet. #> [CmdletBinding()] Param( [Parameter(Mandatory=$true, ValueFromPipeline=$true, Position=0)] [Microsoft.SharePoint.PowerShell.SPWebApplicationPipeBind]$WebApplication ) $WebApp = Get-SPWebApplication $WebApplication $Extensions = $WebApp.BlockedFileExtensions $Extensions | ForEach-Object {Write-Host $_} }
Add-SPBlockedFileType
Add-SPBlockedFileType function Add-SPBlockedFileType { <# .Synopsis This function can be used to add a blocked file type for a SharePoint Web Application. .Description This PowerShell function uses the SharePoint Object Model to add file types to the BlockedFileExtensions property for a Web Application. .Example C:\PS>Add-SPBlockedFileType -WebApplication http://intranet -Extension ps1 This example adds the ps1 file type to the BlockedFileExtensions collection for a SharePoint Web Application at http://intranet. #> [CmdletBinding()] Param( [Parameter(Mandatory=$true, ValueFromPipeline=$true, Position=0)] [Microsoft.SharePoint.PowerShell.SPWebApplicationPipeBind]$WebApplication, [Parameter(Mandatory=$true)][System.String]$Extension ) $WebApp = Get-SPWebApplication $WebApplication $Extensions = $WebApp.BlockedFileExtensions $Extensions.Add($Extension) $WebApp.Update() }
Remove-SPBlockedFileType
function Remove-SPBlockedFileType { <# .Synopsis This function can be used to remove a blocked file type from a SharePoint Web Application. .Description This PowerShell function uses the SharePoint Object Model to remove file types from the BlockedFileExtensions property for a Web Application. .Example C:\PS>Remove-SPBlockedFileType -WebApplication http://intranet -Extension ps1 This example removes the ps1 file type from the BlockedFileExtensions collection of a SharePoint Web Application at http://intranet. #> [CmdletBinding()] Param( [Parameter(Mandatory=$true, ValueFromPipeline=$true, Position=0)] [Microsoft.SharePoint.PowerShell.SPWebApplicationPipeBind]$WebApplication, [Parameter(Mandatory=$true)][System.String]$Extension ) $WebApp = Get-SPWebApplication $WebApplication $Extensions = $WebApp.BlockedFileExtensions $Ext = $Extensions.Remove($Extension) if($Ext -eq $true){ Write-Warning "Filetype $($Extension) has been removed from Web Application $(($WebApp).Name)" } else{ Write-Warning "Unable to delete filetype $($Extension) from Web Application $(($WebApp).Name)" } $WebApp.Update() }
Using Visual Studio 2010:
- Open Visual Studio 2010.
- Go to File => New => Project.
- Select Console Application from the installed templates.
- Enter the Name and click Ok.
- Add the following references.
o Microsoft.SharePoint.dll - Add the following namespaces.
o using Microsoft.SharePoint;o using System.Collections.ObjectModel;
- Replace the code with the following.
string webAppUrl = "http://<server>/";string addBlockFileType ="aspx";
string removeBlockFileType ="asp";
SPWebApplication webApp =SPWebApplication.Lookup(new Uri(webAppUrl));
Collection<string> blockFileTypes = webApp.BlockedFileExtensions;
foreach (string fileExtension in blockFileTypes)
{
// displaying all the file extensions that are blocked
Console.WriteLine(fileExtension.ToString());
}
Console.ReadLine();
// adding blocked file type
blockFileTypes.Add(addBlockFileType);// removing blocked file type
blockFileTypes.Remove(removeBlockFileType);webApp.Update();
Build the solution.
Hit F5.
All the file extensions from the blocked file type will be displayed as shown in the following.
A new file extension "aspx" is added and the existing file extension "asp" is removed successfully.
Default Blocked File Extensions
The following table shows the file types that are blocked by default and their corresponding file name extensions.
File name extension | File type |
---|---|
.ade | Microsoft Access project extension |
.adp | Microsoft Access project |
.app | Application file |
.asa | ASP declarations file |
.ashx | ASP.NET Web handler file. Web handlers are software modules that handle raw HTTP requests received by ASP.NET. |
.asmx | ASP.NET Web Services source file |
.asp | Active Server Pages |
.bas | Microsoft Visual Basic class module |
.bat | Batch file |
.cdx | Compound index |
.cer | Certificate file |
.chm | Compiled HTML Help file |
.class | Java class file |
.cmd | Microsoft Windows NT command script |
.com | Microsoft MS-DOS program |
.config | Configuration file |
.cpl | Control Panel extension |
.crt | Security certificate |
.csh | Script file |
.dll | Windows dynamic-link library |
.exe | Program |
.fxp | Microsoft Visual FoxPro compiled program |
.hlp | Help file |
.hta | HTML program |
.htr | Script file |
.htw | HTML document |
.ida | Internet Information Services file |
.idc | Internet database connector file |
.idq | Internet data query file |
.ins | Internet Naming Service |
.isp | Internet Communication settings |
.its | Internet Document Set file |
.jse | JScript Encoded script file |
.ksh | Korn Shell script file |
.lnk | Shortcut |
.mad | Shortcut |
.maf | Shortcut |
.mag | Shortcut |
.mam | Shortcut |
.maq | Shortcut |
.mar | Shortcut |
.mas | Microsoft Access stored procedure |
.mat | Shortcut |
.mau | Shortcut |
.mav | Shortcut |
.maw | Shortcut |
.mda | Microsoft Access add-in program |
.mdb | Microsoft Access program |
.mde | Microsoft Access MDE database |
.mdt | Microsoft Access data file |
.mdw | Microsoft Access workgroup |
.mdz | Microsoft Access wizard program |
.msc | Microsoft Common Console document |
.msh | Microsoft Agent script helper |
.msh1 | Microsoft Agent script helper |
.msh1xml | Microsoft Agent script helper |
.msh2 | Microsoft Agent script helper |
.msh2xml | Microsoft Agent script helper |
.mshxml | Microsoft Agent script helper |
.msi | Microsoft Windows Installer package |
.msp | Windows Installer patch package file |
.mst | Visual Test source files |
.ops | Microsoft Office profile settings file |
.pcd | Photo CD image or Microsoft Visual Test compiled script |
.pif | Shortcut to MS-DOS program |
.prf | System file |
.prg | Program source file |
.printer | Printer file |
.pst | Microsoft Outlook personal folder file |
.reg | Registration entries |
.rem | ACT! database maintenance file |
.scf | Windows Explorer command file |
.scr | Screen saver |
.sct | Script file |
.shb | Windows shortcut |
.shs | Shell Scrap object |
.shtm | HTML file that contains server-side directives |
.shtml | HTML file that contains server-side directives |
.soap | Simple Object Access Protocol file |
.stm | HTML file that contains server-side directives |
.url | Uniform Resource Locator (Internet shortcut) |
.vb | Microsoft Visual Basic Scripting Edition file |
.vbe | VBScript Encoded Script file |
.vbs | VBScript file |
.ws | Windows Script file |
.wsc | Windows Script Component |
.wsf | Windows Script file |
.wsh | Windows Script Host settings file |