[SOLVED] Cannot download .eml file from browser

Cannot download .eml file from browser

I've a html file which creates an eml file using JavaScript and downloads it on a button click. If I try to download without making any changes, it shows message.eml has been blocked because this type of file can harm your system

Now, I can download and open this .eml file if I modify Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExemptDomainFileTypePairsFromFileTypeDownloadWarnings path in the registry and add {"file_extension":"eml","domain":"domain.com"} to it. But I've realized after reboot, permissions are gone, so have to set it again. I found the solution for this too. It's to make my user account the owner of the key and give full control, while keeping read-only access to System and other users for that key. It was not successful though. But anyway, I don't want to make changes in registry.

Is there a way I can download .eml files from browser without changing preset settings?

The code for downloading eml file is:

    <a download="message.eml" id="downloadlink" style="display: none" ><button class="btn btn-primary">Download</button></a>
        <script>
        (function () {
        var textFile = null,
          makeTextFile = function (text) {
            var data = new Blob([text], {type: 'text/plain'});
            if (textFile !== null) {
              window.URL.revokeObjectURL(textFile);
            }
            textFile = window.URL.createObjectURL(data);
            return textFile;
          };

          var create = document.getElementById('create'),
            textbox = document.getElementById('textbox');
            if(create){
          create.addEventListener('click', function () {
            var link = document.getElementById('downloadlink');

            link.href = makeTextFile(textbox.value);
            link.style.display = 'inline';
          }, false);
          }
          else{
            print('no create')
          }
        })();
        

    </script>

Solution

I know how you feel but I'm afraid that you can't download .eml files from Edge without changing the group policy or registry.

This is a feature of chromium browser which intends to protect users from harmful download files. There's a file types policies in chromium and Edge inherits it. From the list, you can see that .eml files' danger level is ALLOW_ON_USER_GESTURE. That means such files are potentially dangerous, but likely harmless if the user is familiar with download site and if the download was intentional. For more information, you can refer to this article by Edge's Senior PM.

If you want to proceed the download of such ALLOW_ON_USER_GESTURE files automatically, you can set this policy/registry. If you don't want to edit the registry, I think you can only set the corresponding group policy.