Edge Security for Server File Downloads

Cutchy -  
Cutchy Posted messages 3 Status Member -
Hello,

I am working with a personal server, I connect to it via EDGE and I download .doc/.csv files depending on the pages I open.

I had no issues with IE but EDGE has implemented a security feature to prevent direct downloads via a server path.

The download works but you need to confirm the download multiple times, which is not very intuitive.

Does anyone have an idea on how to bypass this security? For example, to trust all documents from a specific server.

Thanks in advance!

Configuration: Windows / Edge 99.0.1150.46

1 answer

  1. bazfile Posted messages 58513 Registration date   Status Moderator Last intervention   20 276
     
    Hello.
    Go to Edge settings, then to Downloads and uncheck Ask me what to do with each download.

    --
    bazfile
    Moderator/Security Contributor.
    A hello, a response, a thank you are always appreciated.
    1
    1. Cutchy Posted messages 3 Status Member
       
      Thank you, but it appears before I am asked if I want to open or download the document, basically I get this message:

      I have to click on keep and then keep anyway here:

      (I want to point out that my site is HTTP and not HTTPS)
      0
      1. bazfile Posted messages 58513 Registration date   Status Moderator Last intervention   20 276 > Cutchy Posted messages 3 Status Member
         
        It is Microsoft Defender SmartScreen that is blocking, you need to disable it in the Edge settings, then Privacy, search, and services, and then Security.
        0
      2. Cutchy Posted messages 3 Status Member > bazfile Posted messages 58513 Registration date   Status Moderator Last intervention  
         
        Indeed, I did some research and it seems that this is the problem.
        However, disabling it doesn't change anything; I tried lowering the security of my browser during the tests on all the settings that could be related (both on the browser and on the computer) and still get this warning message.

        It seems surprising to me that even an intranet must necessarily have an HTTPS protocol when we control everything that goes out.
        The server may have been misconfigured from the start, but I don't really know much about it.

        (I'm reposting because my other message seems to have disappeared)
        0