Greetings from London, where competition has begun at the XXX Summer Olympiad. The last days have been challenging, exhausting, and exhilarating. This week, I'll share a few thoughts from this Pretty Darned Fun experience, and share a point about another PDF... PDFs in SharePoint.
Here in London, Olympic traffic lanes are in effect, final dress rehearsal for the Opening Ceremonies is underway, studios are up and running (and beautiful), lights are glowing (many are LED this year--cool, effective, and economical!), music is playing, talent and athletes abound, and it's all about to spring to life on Friday night. Be sure to tune in to the broadcasts on the networks of NBC!
And, if you didn't know, we are streaming every competition live from NBCOlympics.com. It's an unprecedented effort that will bring something like 277 hours of sports each day of the Olympics to the televisions, computers, and mobile devices of the US audience. Estimates I've read are that 40 percent of US adults plan to stream at least some of the Olympics to their mobile devices. WOW!
Behind the scenes, the action is frenzied. At the end of this newsletter, I'll share a few tweets and posts from the last few days. But let's first turn our attention to a SharePoint point of the week: PDFs and SharePoint.
Right now, I'm sitting in the middle of a room of 30 researchers busily documenting every factoid and story of their assigned sports. What they learn gets documented in a custom database which then publishes PDFs to--you guessed it--SharePoint.
"Research manuals" are just one of many types of content at NBC Olympics. Engineering specifications, technical schedules of circuit utilization, facilities schedules, plans for broadcast sequence... It's all about documents, generated from a lot of different systems.
And as you might guess, a lot of these documents end up as PDFs, to ensure maximum portability across platforms, applications, and devices.
That led us, head on, into the default behavior of SharePoint, which is to prevent opening PDFs in the browser.
Now there's a very good reason why Microsoft set the default for SharePoint to prevent opening PDFs in the browser. PDFs can contain executable code--JavaScript--which runs in the credentials of the user who opens the PDF.
That means PDFs are vectors for attack. An innocuous PDF, opened from the HR team site, could expose personal data, for example. PDFs are so problematic that some folks define them as "potentially dangerous files."
Unfortunately, they're also very useful, so in the real world you must manage the risks and costs to optimize the rewards and benefits. In our case, usability was critical. We must be able to open PDFs within the browser.So we modified the AllowedInlineMimeTypes for one of our web applications to allow PDFs. We managed and mitigated risk by scoping web applications such that the only web app that allows in-browser PDFs is one to which very few users can upload PDFs, and those PDFs are themselves closely managed. The users who are opening PDFs have read-only access to the web application, which further reduces the risk profile.
It's too bad that the PDF setting is scoped to Web applications. After you've opened the possibility for PDFs, you can "unscope" specific libraries, but it would be better, in my opinion, to have the option scoped on-or-off to libraries.
I haven't had time to look at SharePoint 2013 and how it manages this setting. It wouldn't surprise me if it is better in 2013, as Microsoft certainly must have customers of Office 365 who require inline PDFs for their site collections.
Here's the Windows PowerShell script for allowing in-browser PDF viewing:# Get object reference to web application
$webApp = Get-SPWebApplication "<URL>"
# Add PDF to allowed MIME type list
$webapp.AllowedInlineDownloadedMimeTypes.Add("application/pdf")
# Commit changes
$webapp.Update()
Of course, if you're working with PDFs you're also going to want to add the icon for PDFs so that they don't show up as "blank document" icons in a library; and you'll want to ensure you're indexing PDFs.
All of these PDF-related tasks are well documented, so read up on the security implication of in-browser PDFs, not just for SharePoint but for your enterprise as a whole. I highly recommend SharePoint MVP Maurice Prather's blog entry.
And to wrap up, I'll share some experiences from London through some of my tweets ( @danholme) and Facebook posts this week. Facebook has a couple of "public" photo albums from the Games, if you want to check them out, and there will certainly be a lot more photos as the games begin.
Best wishes to you all. Citius Altius Fortius
Read a sampling of tweets and posts:
A nice map of the Olympic Park. Note that North is basically due LEFT on the map. On this map, my work (the IBC) is the large dark blue rectangle at the bottom, left of center ( from my Facebook public album page).
• Just installed new Windows Phone app! Sweet! [There are also GREAT apps for iOS and Android, including the NBCOlympics.com apps!]
• @NBCOlympics will be streaming all 302 events *LIVE* in addition to TV & prime time coverage! presented by @CitiEveryStep
• Is running IT for the Olympics the worst job in the world?
• Tantalizing peek at preparations for Friday's OPENING CEREMONIES. Big shoes to fill, but Danny Boyle (SLUMDOG MILLIONAIRE) and £80m seem to be up to the task!
• Let the Games begin - London 2012
• In this day of social media overload, it's SO FANTASTIC to see that we as human beings still recognize the joy of surprise!!! This is a wonderful little insight into how we relate to and use social media today. #SaveTheSurprise:
London 2012 Olympics: How Danny Boyle got 60,000 fans to keep mum over opening ceremony dress rehearsal - TelegraphTime to start following @London2012!!!
