Salesforce: File Upload and Download Security Settings

With natively hosted (Simpplr/Salesforce) files, App managers are able to control file upload and download permissions for specific users. You can restrict upload of HTML in documents, as well as force files to be downloaded instead of previewed in the browser. 


To set file security settings, you'll need Salesforce System admin permissions. 

To control the security settings on files:

  1. Go to Salesforce by removing everything after .com in your Simpplr URL and hit the Enter key.
  2. Go to Setup, then in the Quick Find box, type File upload and select File Upload and Download Security.
  3. Click Edit.

To prevent users from uploading files that pose a security risk:

  1. Check the box next to Don't allow HTML uploads as attachments or document records.

To allow custom file types to only open as an attachment for increased security:

  1. Check the box next to Download custom file types as attachments.

You'll see a list of file types. Each file type offers a dropdown selection where you can choose:

  • Download: This means the file, regardless of file type, will always be downloaded
  • Execute in Browser: This means the file, regardless of file type will always appear in the browser or through an HTTP request
  • Hybrid: This allows Salesforce files to be downloaded, while attachments and documents are executed in the browser

File_upload_and_download.pngAlign settings for each file type you want to set and click Save

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Articles in this section

See more