Changing the system’s default settings for html files (safe)

2:42 am
Apple, Leopard, Mac, Tips, how-to

With Leopard 10.5.1, Apple’s developers changed the default status of html files downloaded from the internet from ’safe’ to ‘Unsafe’.

While this may make sense from a security standpoint, for somebody like me that processes hundreds of html files downloaded every day, it’s a big annoyance.

I filed a bug with Apple, asking for a workaround. I was hoping that they would implement a preference somehow to enable me to either override the default settings or allow me to specify trusted servers.

Tonight, three months later, I received an answer and the workaround that I was looking for.

I turned out that you could have a user specific file to override the system’s default settings. The file is not there normally, so you would need to create it. It is:

~/Library/Preferences/com.apple.DownloadAssessment.plist

The contents of the file need to be:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>LSRiskCategorySafe</key>
	<dict>
		<key>LSRiskCategoryContentTypes</key>
		<array>
			<string>public.html</string>
			<string>public.xml</string>
			<string>public.php-script</string>
			<string>com.microsoft.windows-media-wmv</string>
		</array>
		<key>LSRiskCategoryExtensions</key>
		<array>
			<string>xhtml</string>
		</array>
	</dict>
</dict>
</plist>

Hopefully that helps somebody else with this type of problem.

If you need to change the settings of other file types, here are the system-declared file types:

System-Declared Uniform Type Identifiers

For each type you add another <string></string> item to the above array.

For example, for jpeg2000 files you add:

	<string>public.jpeg-2000</string>

Right below the other <string> line in the first array.

To declare files by extension, you add:

	<string>odf</string>

Right below the other <string> line in the second array.

19 Responses

  1. OS X Leopard - Are you sure you want to open it? Says:

    [...] second is by Lazeez (Changing the system’s default settings for html files (safe)) is my preferred solution. Basically you need to create a file called [...]

  2. Dan Says:

    THANK YOU! These stupid security alerts drive me nuts. I wish there was an easy way to shut it off completely. If you know anything about computers you shouldn’t need it.

  3. Peter da Silva Says:

    These are there as a result of two stupid decisions by apple, copied from Microsoft:

    1. open “safe” files after downloading.
    2. hide file extensions for known file types

    Instead of backing off these bad ideas, Apple implemented a copy of the tool Microsoft uses to train people to answer “YES” to “badguy.com wants to install a virus on your computer. Is this OK? (Install) (Panic)”. Whiskey Tango Foxtrot, Apple.

  4. Kelsang pagchen Says:

    I also added this line so I can zip php files I just downloaded with CleanArchiver:
    public.php-script

    thank you so much, its a savior for me !

  5. Kelsang pagchen Says:

    sorry it should read:
    public.php-script

  6. Winstrong Says:

    Thanks very much for posting this and making it easy to find with a Google search.

  7. Peter da Silva Says:

    Well, crap, Safari seems to be ignoring DownloadAssesment.plist.

  8. Jasper Says:

    This didn’t work for me, I’m trying to add torrents to the safe list. both links are dead so i can’t find the file type stuff :/

    osx 10.5.6

  9. Öppna flera php-filer i ett svep – Macbloggen Says:

    [...] av informationen i artikeln är hämtad från den här artikeln och den här på macosxhints. Även My Macinations har en artikel. Rekommendera artikeln till [...]

  10. me Says:

    doesn’t work for me either!

  11. David A Teare Says:

    Thanks for the awesome fix!

    For those that it didn’t work, try restarting Safari. No idea if that is mandatory, but it’s what I did and it works great.

  12. Peter Hillerström Says:

    Thank you very very much!

    I’ve been so irritated that TextMate decided to implement this security “feature” introduced in Mac OS X Leopard, and refuses to open multiple php files at once even when I accept one of them.

    Apple has definitely made a wrong decision here about executing “safe” content upon download and not showing the file extensions by default!

  13. PC Says:

    anyone know… do wildcards work? Because, honestly, and i know this is not always a good policy, i would just add * if wildcards work… because i’m cautious about where i go, what i do, and i have antivirus anyways. They’ve already made it so no script can rm -rf /*, well not without prompting me for my password. So just by watching for password prompts… Apple, please make Quarantine FOAD.

    PLSKTHNXBAI.

  14. aMac Says:

    Thank you. This “bug” have bothered me ever since it was introduced in 10.5.1. I can’t understand why Apple have’nt included a ’safe file’ option in System Preferences or something. So we can choose what files are safe or not.

  15. Tom Schneider Says:

    Thanks for posting this! You have to reboot or restart your machine for it to take effect.

  16. Shirley Says:

    Works like a charm !

    As first it didn’t work because I mistakenly put the plist file in Library/Preferences instead of Users/Username/Library/Preferences. After I moved it to the correct location it works and saves me countless clicks (opening HUNDREDS of php files today).

    This “feature” of Leopard is SOOOOO annoying !

    Thank you so much for sharing ! :)

  17. Doug Says:

    It’s a shame we have to work around but it’s always great in the Mac world to know people are dedicated to helping people rather than make a buck… Worked great… Thanks for the post and the help.

  18. Cara Mia Says:

    This is awesome thank you, just what I needed. It didn’t work at first but shutting down Safari may have made it work. Or, I had been trying to open a pile of files all highlighted before created the new .plist file… not sure if unhighlighting and re-highlighting made it finally work, or if it was the restart of Safari. Happy it works now though. Surprised Apple doesn’t have a setting for this under Security in System Preferences so weird.

  19. cara Mia Says:

    Today it doesn’t work. The .plist file seems to have vanished. Re-created it, still can’t open a pile of files without the safety prompt interfering…

Leave a Comment




Your comment


You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.