Preventing Unsupported Drag And Drop Uploads In Sharepoint Document Libraries

ByThe SharePoint FAQs Team

What’s the Issue with Drag and Drop Uploads?

SharePoint’s drag and drop upload capability provides users an easy, convenient way to add files to document libraries. However, enabling this feature by default allows users to freely upload any type of file without restrictions. Before long, document libraries can accumulate unwanted file formats like executables, zip files, and disk images that take up storage space and pose potential threats.

Instead of entirely disabling drag and drop, which reduces usability, administrators can configure intelligent controls to Only permit approved file extensions. This maintains ease of use for end users when working with compliant file types like Office documents and PDFs. Simultaneously, automatic blocking of unsupported formats enhances security and optimizes storage use.

Set Allowed File Name Extensions

SharePoint Online document libraries have built-in settings to specify permitted file types by extension. The first step is to define an allow list of acceptable uploads based on user needs and organizational policies. Typical examples include:

  • .docx – Word documents
  • .xlsx – Excel spreadsheets
  • .pptx – PowerPoint presentations
  • .pdf – PDF documents

To set allowed extensions:

  1. Navigate to the document library settings
  2. Under the “General Settings” section, find “Allowed file extensions”
  3. Enter approved extensions separated by commas, such as “.docx,.xlsx,.pptx,.pdf”
  4. Click “OK” to save changes

Use PowerShell to Audit File Types

For existing SharePoint document libraries that already contain unsupported file uploads from drag and drop or other methods, administrators can run PowerShell scripts to detect unapproved formats. Adding the discovered extensions to a deny list strengthens restrictions on disallowed types. Here is a script to audit a document library and output a list of file extensions:

#Configuration variables  
$SiteURL = "https://contoso.sharepoint.com/sites/mysite"
$ListName = "Shared Documents"
  
#Connect to SharePoint Online  
Connect-SPOService -Url $SiteURL
  
#Get all files in document library and output extensions
Get-SPOFolderItem -FolderSiteRelativeUrl /sites/mysite/Shared Documents -ItemType File | Select Name, Extension | Export-CSV C:\SharePointExtensions.csv

Further cleaning of the output data can isolate the unique extensions not on the allow list for blocking. Commented explanations within the scripts guide administrators on customizing the logic.

Automatically Block Unapproved Uploads

Even with allowed file extensions configured, users might still try uploading blocked formats through drag and drop or other methods. Power Automate flows provide automated enforcement of upload policies. The following steps create a flow to delete disallowed files:

  1. Trigger flow on when a file is created in the target library
  2. Check the file extension against the allow list
  3. If the detected extension is blocked, delete the uploaded file
  4. Otherwise, allow the supported file type to remain in the library

The automated scan and removal of policy-violating uploads ensures unsupported files never persist. Users only have access to permitted formats.

Notify Users of Rejected Files

Automatically deleting unapproved uploads without notice can confuse users who expect to see their added files in the document library. Send polite rejection notices detailing the exact reasons for blocking:

  • The uploaded file type is not permitted in this document library due to company policy
  • Only file extensions like .docx and .pdf are allowed due to infrastructure limitations
  • Contact IT support if you require exceptions for collaboration purposes

Avoid accusatory tones blaming the user. Instead clearly articulate that uploaded content failed to match the defined file type restrictions. Offer constructive next steps for questions and exception requests.

Frequently Asked Questions

Why are only certain file types allowed?

Restricting allowed file extensions promotes security and ensures document libraries contain only properly supported formats relevant for collaboration. Many unsupported types like executables and disk images have the potential for malicious payloads.

What if I have a blocked file type needed for a current project?

Contact IT support to request an exception if you have a justified business need to share content in a normally unsupported format such as a ZIP archive. Administrators can evaluate these requests on a case-by-case basis.

How can I upload large batches of allowed documents easily?

The SharePoint web interface offers a convenient drag and drop upload function for adding multiple files at once. Users can also sync SharePoint document libraries to their local file system using OneDrive desktop applications. Moving files through file explorer automatically uploads them.

Summary

Unrestricted file uploads via drag and drop can negatively impact SharePoint document libraries by cluttering storage and slowing performance. Implementing thoughtful restrictions that permit common business file formats while blocking risky types allows organizations to safely maximize the capability. Automated processes provide frictionless enforcement without relying solely on user compliance. With the techniques in this article, administrators can uphold governance standards without compromising an end user’s ease-of-use.

Leave a Reply

Your email address will not be published. Required fields are marked *