Selectively Disabling Downloaded-File Warnings in LeopardPublished 14 years, 2 months past
One of the things that I’ve found mind-bendingly annoying about Leopard (besides its complete refusal to allow classic window management) is the “this file was downloaded from the internet, are you sure you want to open it?” dialog box. Yes, damn it: I just downloaded the file with the express intent of opening it. Stop bothering me. Keep it up and I might mistake you for PC.
What’s even worse is that the dialog requires mouse input to get past. It would be just within the limits of acceptability if the dialog buttons responded to keyboard input; if I could hit command-O or something to invoke “Open”, then I’d probably keep the safeguard in place, because I could just charge past it with a quick twitch of the fingers. Since I can’t, I want it gone. And of course there’s no “don’t ask me again” checkbox to tick.
After a plea on Twitter, I got pointers to a couple of ways to disable this annoyance (as well as a ton of “oh God, I hate that too; let me know if you find an answer!” replies). The first way is done as a Folder Action. For a variety of reasons, I’m not that thrilled by folder actions, so I gave it a pass. The other approach is to write your own preference file. Ah, much better! (Why is this better? I don’t know. It just intuitively feel like the better approach to me.)
Now, one way is to just disable the warning for all public.item files—which is to say, every type of file. I was tempted, but it turns out there’s a finer grain that can be applied: listing specific file types to be ignored. Better still! That way I can switch this off for the file types that I download all the time, like HTML files, and keep the safeguard in place for file types I almost never download, like executable scripts.
Doing this means you need a list of OS X’s Uniform Type Identifiers, so I dug around to find that listing, which appears to have moved in the not-too-distant past. Here’s the preference file I’ve put together with that listing as a guide. This file lists all of the file types I don’t want to be nagged about.
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>LSRiskCategoryNeutral</key> <dict> <key>LSRiskCategoryContentTypes</key> <array> <string>public.text</string> <string>public.plain-text</string> <string>public.xml</string> <string>public.archive</string> <string>public.image</string> <string>public.audiovisual-content</string> <string>public.font</string> </array> </dict> </dict> </plist>
I led with public.text because it encompasses not just regular text files, but HTML files as well; public.xml appears to cover XHTML, though I’m not 100% sure where those files fall. public.audiovisual-content covers all audio and video files, as you might guess. There are probably a few other types I’ll add over time, as I encounter enough resistance on certain types of files that I don’t need to be safeguarded. I’ll probably never add public.script or public.executable to the list; personally, I prefer to be warned about that sort of stuff.
To make the magic happen, save the above file (or your own variation) as ~/Library/Preferences/com.apple.DownloadAssessment.plist. Then log out of and back into your account. Finito.
So if you’d like to get your Mac to be less of a nag about opening downloaded files, there’s how. As the links above show, I’m standing on the shoulders of giants here, so my thanks to those who paved the way. I hope that you will be able to benefit from both their work and my small additions thereto.
Update [13 Mar 09]: Potentially very bad news, folks. I just tried this on my 10.5.6 machine and it failed utterly. As did the Folder Action approach. Older versions of Leopard apparently didn’t have this problem. Anyone else seeing the same kind of thing on their machines? If either way is still working for you under 10.5.6, can you tell us which one it is in the comments? Thanks.
Update [18 Mar 09]: Great news, folks. Ben Millett kindly sent me a copy of his working-under-10.5.6 file and I tried it out, and it worked! The difference seems to be that the version I was using was encoded as “Unicode™ (UTF-8, no BOM)” whereas the encoding of the file Ben sent me is “Western (Mac OS Roman)” (both according to BBEdit). So if your copy doesn’t work, check the file encoding. Next I’m going to experiment with adding file extensions, and will report back if I meet with success.
Many thanks for your sleuthing (and those whose shoulders you stood upon)!
This is great. I saw (and replied to) your Tweet yesterday and implemented the original plist file that wasn’t as specific. This is a lot better though. Your research is appreciated and so is the fact that you shared it with the world. Weee!
Thanks for digging deeper on this, Eric. I’ve been using the public.item version of this. Nice to see a more specific way of accomplishing this.
“What”s even worse is that the dialog requires mouse input to get past.”
You do have Full Keyboard Access turned on, don’t you?
Thanks for posting this. When I attempted to save my plist file to ~/library/Preferences I was told it already existed. I knew I hadn’t created it before. The existing file contained one entry:
So, the Amazon MP3 Downloader takes care of this problem for its own filetype during installation. Would you consider it risky for installers to add exceptions to this plist?
Hard to say, Matt, because the instructions you linked don’t apply to Leopard in the slightest, so far as I can tell. For example, there’s no “Keyboard” preference pane, and under the “Keyboard & Mouse” preference pane, there’s no “Full Keyboard Access” tab, nor anything even remotely like it. Under “Universal Access”, I found a reference to Full Keyboard Access under the “Mouse & Trackpad” tab (where else?), but it implies that all it will let me do is tab between windows and dialogs.
That’s not what I want. I’m able to use my keyboard to activate the buttons in many applications (command-O for “Open” being a common one). The Finder has generally not been one of them, which is wider point of annoyance, but one I was able to overlook until the downloaded-file warnings showed up.
I would, actually, especially if they do it without asking the user for approval. Nevertheless, I completely understand why Amazon would do this. If they didn’t, then any time you bought downloadable MP3s from Amazon, you’d get a warning. And who would users blame? Amazon. (Not to mention the potential loss of trust—“wait, what is Amazon sending me that my computer is upset about it?”.)
Annoying notices in Leopard fix « b&k m online
[…] In Mac OS 10.5 (Leopard), whenever you download a file and then attempt to open it, you are asked if you really want to open the file, because it originated from the Internet and could possibly harm your computer. Eric Meyer asked the twitterverse for suggestions on how to remove the warning and found that a new preference file will fix the issue (via). Now, one way is to just disable the warning for all public.item files—which is to say, every type of file. I was tempted, but it turns out there”s a finer grain that can be applied: listing specific file types to be ignored. Better still! That way I can switch this off for the file types that I download all the time, like HTML files, and keep the safeguard in place for file types I almost never download, like executable scripts.↵ […]
Full keyboard access set to “all controls” will let you tab between buttons in a dialog box and use spacebar to activate them, not just “tab between windows and dialogs”. It’s very handy for dialog boxes where the typical cmd shortcuts don’t work. That’s not to say it’s a better solution for this specific problem than the one you provided, but it does obviate the need for the mouse in any dialog.
Eric, to turn on full keyboard access in leopard, go to Keyboard & Mouse preference pane, select the Keyboard Shortcuts tab, and at the bottom there’s a set of radio buttons to enable full keyboard access.
You’re right, the KB article has inaccurate instructions (for Leopard). But Paul is talking about what I was meant. When this is enabled, I hit tab and then space to clear the verification dialog.
So I turned it on, and that means I can get past the dialog with two tabs and a spacebar. Of course, if I twitch wrong and do one or three tabs, I’m screwed. Allowing command-O (or even just plain O) for “Open” would be much, much better from a UX standpoint.
But overall, I’d rather just not ever get the dialog box in the first place, at least for the file types I’m willing to let through. Now, if only I could figure out how to register .csv and .tsv as public.text UTIs…
If you’re following the comment via RSS, please see the update on the post: this isn’t working in 10.5.6. Not any of it, actually; at least not for me. Anyone seeing different results?
I’m using 10.5.6 and it’s working for me. PHP files that I downloaded are opening, as are html & amz (I added that to the list). I don’t recall getting the message box for images or movies so I can’t verify that.
Ref, you update dd 18 Mar 09.
Puzzled. The default for a plist file (any XML) is utf-8 last I checked, and your sample doesn’t specify any xml prolog (meaning: assuming default).
I tested here, 10.5.6, with a plist file created with Property List Editor.app (part of the developers tools) and it worked just fine.
I’m confused too, Philippe. All I know is the copy I had wasn’t working. When I dropped in Ben’s, it did work, and the only difference I can see is the encoding. (The version I had on my hard drive had the XML prolog.)
I’ll try opening both in property List Editor (if I have it installed) and see if there’s any indicated difference, then save both and compare them to the originals and see what happens there.
Same here Ben M. 10.5.6 and works 100% for me.
Not that it matters now but the issue your bothered by was created to address a very specific vulnerability. The Issue related to what one would call a drive by download. In the past you could create a malicious file and provide a link to it that would be downloaded and executed automatically bypassing the user controls.
As a result prior to this you could lose control of your computer. That annoying box gives you the user the last bit of control to prevent bad things from happening prior to bad things happening.
I am not saying that the box is the best solution for you but remember that since most users tend to run as admin and click without thinking that was the best defense that could be done easily. After all I expect you do like it that Apple tries very hard to keep your system secure from not so nice people.
As for the solution I am glad you found an answer. I just hope your doing defensive browsing and not running as admin.
Thanks for the tip.
However, after several warning-free days I’ve downloaded a .wmv file with Firefox and received this annoying warning message again. I went to ADC site and checked this document:
This page tells us that WMV conforms to public.movie -> public.audiovisual-content -> public.content & public data -> public item. This means your tip should work but it doesn’t for some unknown reason.
Have you tried downloading .wmv files?
Disable downloaded-file warnings in Leopard - machine quotidien
[…] Selectively Disabling Downloaded-File Warnings in Leopard […]
How to disable that annoying downloaded file warning in Leopard « SBP’s Random Walk
[…] How to disable that annoying downloaded file warning in Leopard From Eric Meyer: […]
I tried it but does not work. I am using 10.5.8.
I would like very much to have a solution like this. Do you have any idea what the problem might be?
Anybody have any luck with this for NZB files and snow leopard?
> Anybody have any luck with this for NZB files and snow leopard?
Nope, torrent files work just fine, but SL keeps bugging me with warnings about opening nzb files, even though I added both text/xml as Mime safe type and nzb as safe extension.
I figured it out, I think. Lots more explanation and a couple of additional steps I took that I *think* are unnecessary can be found here, but bottom line, I think you just need to open this .plist file in TextWrangler or BBEdit, do a Save As, use the Options button to set the encoding to UTF-8 instead of UTF-8, no BOM, and save right over the original version of the file. And reboot (or log out and in, not sure which is necessary; both are sufficient).
This is probably mostly an issue for people who have used Amazon downloads, which creates this .plist file, but makes it a UTF-8, no BOM file for whatever reason. I’ll bet that even people who have their browser set to process safe files aren’t getting auto-launch of Amazon’s download app in later versions of Leopard and in Snow Leopard, and this “no BOM” file encoding is why.
I’m trying to whitelist .flv movies.. and can’t find any reference to them! I’ve added:
to your list (thanks!), but flv is not mentioned at the apple dev site (now found at: http://developer.apple.com/mac/library/documentation/Miscellaneous/Reference/UTIRef/Articles/System-DeclaredUniformTypeIdentifiers.html#//apple_ref/doc/uid/TP40009259-SW1 )
Thanks again! Tim
Hi Eric, hi everyone,
Late, but catching up.
Great stuff, except that I cannot unravel my problem when tying to deal with .docx or .pptx, etc.
Even if these files are “reliable”, I can’t open them automatically.
You know how to deal with?? :-)
Many thanks by advance!