File Association Web Service and Internet Communication (Windows Server 2003)

  • Article

Applies To: Windows Server 2003 with SP1

This section provides information about:

  • The benefits of the file association Web service

  • How the file association Web service communicates with sites on the Internet

  • How to control the file association Web service to limit the flow of information to and from the Internet

Benefits and Purposes of the File Association Web Service

In products in the Microsoft Windows Server 2003 family, the file association Web service extends the scope of information stored locally by the operating system about file name extensions, file types, and the applications or components to use when opening a particular file type. Both the locally stored information and the file association Web service are intended to provide you with the ability to open (double-click) a file without having to specify which application or component to open it with. The operating system associates the file name extension (for example, .txt or .jpg) with a file type, and it opens each file type with the application or component specified for that file type. For example, file name extensions .htm and .html are both "HTML Document" file types.

The operating system first checks for the file association information locally. If no local information is available about the file name extension and its associated file type, the operating system offers you the option of looking for more information on a Microsoft Web site. For details about the URL for this Web site, see "How the File Association Web Service Communicates with Sites on the Internet," later in this section.

Overview: Using the File Association Web Service in a Managed Environment

To limit the flow of information from the file association Web service to the Internet, you have several options. You can use firewall settings, you can disable the file association Web service by setting a registry key, and you can configure automatic server-based software installation through Group Policy. You can also use scripts to limit the file types that can be stored, viewed, or used on computers in your organization, which will limit the likelihood that anyone will need to obtain information about those file types.

How the File Association Web Service Communicates with Sites on the Internet

The file association Web service communicates with sites on the Internet as follows:

  • Specific information sent or received: If the operating system does not find local information about a file name extension, it offers you the option of sending a query to look for more information on a Microsoft Web site. The site is language-specific; the file name extension that you double-click is appended to the query. The query takes the following form:

    *https://shell.windows.com/fileassoc/***nnnn***/xml/redir.asp?Ext=***AAA

    where nnnn is a hexadecimal value used in the Windows Server 2003 family to map to a language identifier (that is, to an RFC1766 identifier), and AAA is the file name extension for which information is needed. An example of a hexadecimal value and its corresponding language identifier is 0409 for en-us, English (United States).

    For more information about these hexadecimal values, see information about the multiple language (MLang) registry settings on the MSDN Web site at:

    https://go.microsoft.com/fwlink/?linkid=29165

    To search for information about MLang registry settings or the Microsoft Internet Explorer Multiple Language application programming interface (MLang API), use the Search tool on the MSDN Web site at:

    https://msdn.microsoft.com/

  • Default setting and ability to disable: The service is enabled by default. It can be disabled by setting a registry key, as described in "Disabling the file association Web service," later in this section.

    There are ways of reducing the likelihood that a person will trigger the file association Web service. One basic way is to configure automatic, server-based software installation based on Group Policy settings. For more information, see "Finding information about the Software Installation extension of Group Policy," later in this section.

  • Trigger and notification: When you try to open a file (for example, by double-clicking the file), and there is no local information about the correct application or component to use when opening the file, the operating system offers the option either to "Use the Web service to find the appropriate program" or to "Select the program from a list."

  • Logging: No events are logged by the file association Web service.

  • Encryption, storage, access, and privacy: The file name extension sent in a query to the Internet is not encrypted. Nothing in the query identifies the person who triggered the query. If the local computer’s browser is configured to store information about recently visited Internet sites, the browser will store the query containing the file name extension. Otherwise, the query containing the file name extension is not stored anywhere.

  • Transmission protocol and port: The transmission protocol is HTTP and the port is 80.

Controlling the File Association Web Service to Limit the Flow of Information to and from the Internet

If you want to limit the flow of information from the file association Web service to the Internet, you can use one or more of the following methods:

  • Use your firewall to block access to any Web site that contains the following string:

    https://shell.windows.com/fileassoc/

  • Disable the file association Web service by setting a registry key, as described in "Disabling the file association Web service," later in this section.

  • Configure automatic, server-based software installation. To do this, configure one or more servers with the Software Installation extension of Group Policy. When you do this, if someone tries to open a file for which the corresponding application is not installed locally, a copy of the application (stored on another server) is installed automatically. In this situation, the file association Web service will not be triggered. To learn more about the Software Installation extension, see "Finding information about the Software Installation extension of Group Policy," later in this section.

  • Familiarize yourself and other administrators (if you are not already aware) with using Control Panel, Folder Options, and the File Types tab in Folder Options to associate a file name extension with a file type, and a file type with an application. Also, if a message box appears offering the two options, "Use the Web service to find the appropriate program" or "Select the program from a list,” always click "Select the program from a list."

  • Use scripts to scan your organization’s computers for file types that you do not want stored, viewed, or used on your organization’s computers. Take actions to ensure that these files do not remain on individual computers’ hard disks. Reducing the number of file types on hard disks reduces the likelihood that the file association Web service will be triggered.

Procedures that Limit Internet Communication Generated by the File Association Web Service

This subsection contains the following information:

  • A procedure for disabling the file association Web service by setting a registry key.

  • A link to information about configuring automatic, server-based software installation through the Software Installation extension of Group Policy.

  • Procedures for using the File Types tab in Folder Options to associate a file name extension with a file type, and a file type with an application.

Disabling the file association Web service

The following procedure explains how to disable the file association Web service by setting a registry key.

To disable the file association Web service by setting a registry key

  1. Open Registry Editor by clicking Start, clicking Run, and then typing regedit.

    Warning

CautionCaution
Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer. You can also use the Last Known Good Configuration startup option if you encounter problems after manual changes have been applied.
</div></td>
</tr>
</tbody>
</table>

  1. Navigate to the following registry key:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System

  2. Click the Edit menu, point to New, and then click DWORD Value.

  3. Type the following name:

    NoInternetOpenWith

  4. Click the new entry (NoInternetOpenWith), and then select Modify in the Edit menu.

  5. Ensure that Hexadecimal is selected, and then for Value data, type:

    1

  6. Close Registry Editor.

Finding information about the Software Installation extension of Group Policy

If you are not already familiar with using the Software Installation extension of Group Policy, use one of the following procedures to learn more. For additional information about Group Policy, see Appendix B: Resources for Learning About Group Policy (Windows Server 2003).

To find information about the Software Installation extension with the Group Policy Management Console

  1. Click Start, and then either click Control Panel, or point to Settings and then click Control Panel.

  2. Double-click Administrative Tools, and then click Group Policy Management.

  3. Expand items in the Group Policy Management Console until the object to which you want to apply Group Policy is displayed. For more information, see the resources listed in Appendix B: Resources for Learning About Group Policy (Windows Server 2003).

  4. Right-click the appropriate Group Policy object and then click Edit.

  5. In the Group Policy Object Editor, in the Help menu, click Help Topics.

  6. Click the Contents tab, click Group Policy Management, click Concepts, click Group Policy Object Editor Extensions, and then click Software installation.

To find information about the Software Installation extension without the Group Policy Management Console

  1. On a computer running a product in the Windows Server 2003 family, click Start and then click Help and Support.

  2. Under Help Contents, click Common Administrative Tasks, and then click Deploying and upgrading software.

    You can also view Help on the Web at:

    https://go.microsoft.com/fwlink/?LinkId=29881

Specifying associations between file name extensions, file types, and applications or components

When you associate a file name extension with a file type and an application or component, the result is that the file association Web service cannot be triggered by that file name extension on that computer.

To associate a file name extension with a file type

  1. Click Start, and then either click Control Panel, or point to Settings and then click Control Panel.

  2. Double-click Folder Options, and then click the File Types tab.

  3. Click New.

  4. Type a new or existing file name extension, and then click Advanced.

  5. In Associated File Type, do one of the following:

    • Type or select New to create a file type to associate with the file name extension.

    • Type or select a different file type to associate with the extension.

      Note

      When you type a file name extension in the Create New Extension dialog box, the Associated File Type list displays the file type that is associated with that extension. To select New, scroll to the top of the list.

To associate a file name extension with an application

  1. Click Start, and then either click Control Panel, or point to Settings and then click Control Panel.

  2. Double-click Folder Options, and then click the File Types tab.

  3. Under Registered file types, click a file type.

  4. Click Change, and then choose the application you want to use to open this file.