"Unable to Open PDF Directly from SharePoint 2010
After installing SharePoint 2010 your users may find that they can no longer
open PDF files and are instead forced to save them to their local machine.
In Internet Explorer 8 Microsoft added a security feature to
prevent script injection vulnerabilities caused by buggy client software. This
feature is activated by a new HTTP header called X-Download-Options which can be
set to noopen. When that header is passed with a file attachment Internet
Explorer 8 will not provide the option to directly open the file, instead you
must first save the file locally and then open it.
SharePoint 2010 utilizes this enhanced security feature in
IE 8 to block the opening of file types it considers vulnerable to scripting or
other attacks, such as PDFs. You can modify SharePoint's behavior by changing
the Browser File Handling option in the Web Application General Settings of
SharePoint 2010. Your options are permissive and strict, with strict being the
default.
If your users demand that they open files directly from the web and you are
willing to permit the additional security risk you can easily make this
modification to your SharePoint web applications."
