Data Center 4.8
Versions

Configuring raw file download settings

System settings

On this page

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

This page describes how to configure Fisheye to either immediately display downloaded files in the browser, or show the browser's "Save As" dialog. 

Configuration

As a Fisheye administrator:

  1. Log in to the admin area and click Server (under 'Global Settings'). 

  2. Click Edit Details under 'File Download Setting' and choose a setting:

    Mode

    Characteristics

    Smart (default)

    Files that can safely be displayed inline in the browser, will be. Files that are on Fisheye's default list of file extensions that are considered dangerous, will always be accessed via the "Save As" dialog. For files that are considered dangerous, but consist of only plain text (such as .html files), this mode will attempt to force the browser to show (but not execute) the file.

    Secure

    All files, regardless of whether they are considered dangerous or not, are forced to be always accessed via the "Save As" dialog instead of being displayed inline.

    Insecure

    All files downloaded via Fisheye will be displayed in the browser after clicking.

  3. Click Update

(info) Internet Explorer versions 8 and 9 will not display safe content as plain text.

Default file extensions that Fisheye will consider as executable in the browser

In Smart mode, downloading files with any of the following extensions will always trigger the "Save As" dialog, instead of displaying the contents of the file in the browser directly, except in FireFox, Safari and Chrome.

File Extensions

Comments

.txt

Normally these are just text files, but a malicious user could write html in this file, and cause XSS inject attacks if the browser executes the content instead of displaying it. Can be made to be safely displayed in all supported browsers, except Internet Explorer.

.htm , .html, .xhtml, .xml, .svg

Similar to .txt, these are text files, but contains html. Can be made to be safely displayed in all supported browsers, except Internet Explorer.
.swf, .flv , .f4v, .f4p, .f4b Flash object file.
.cabWindows Cabinet File.

 

To add items to the default list in Fisheye, please contact Atlassian Support.

Last modified on Oct 25, 2018

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.