silkentrance/Confluence: View PDF Attachments inline instead of downloading them

## Confluence: View PDF Attachments inline instead of downloading them
Locate your confluence server deployment root, e.g. ``/foo/atlassian/confluence/7.x.x``

```bash
> cd /foo/atlassian/confluence/7.x.x
```

Under ``confluence/WEB-INF/classes/com/atlassian``, create the following folder structure: ``http/mime``,
resulting in ``confluence/WEB-INF/classes/com/atlassian/http/mime``, e.g.

```bash
> mkdir -p confluence/WEB-INF/classes/com/atlassian/http/mime
```

Now, copy the hostile-attachments-config.properties to the newly created folder.
The only difference here is that ``application/pdf`` was moved from ``executable.mime.types``
to ``safe.file.mime.types``.
(Note that this file was taken from ``confluence/lib/atlassian-http-2.0.8.jar``.)

Restart your confluence service and all PDFs should now be displayed inline,
utilizing the built-in PDF viewer of the browser.

Be warned that this might pose a security risk for your users.

## hostile-attachments-config.properties
# This file configures the HostileAttachmentsHelper class which is responsible for determining whether a file of a
# given Content-Type or with a given file extension could be interpeted by the browser or one of its common plugins
# as an executable content type which runs code that can access the browser DOM and cookies etc.
#
# Examples of such content include JavaScript in HTML files and Flash content run by the Flash and Shockwave/Flash plugins.
#
# The format of this file is that the right side of the equals sign must contain a whitespace separated list of case-insensitive terms.

#
# Set this property to the list of file extensions that are known to connote content types that execute with access
# to the browser (like cookies and DOM)
#
executable.file.extensions = .htm .html .xhtml .shtml .xml .svg .swf .cab .flv .f4v .f4p .f4a .f4b

# This property denotes a set of extensions that are considered text based.
text.file.extensions = .txt

# This property denotes a set of MIME types that are considered text types.
text.file.mime.types = text/plain

# Set this property to the list of MIME Content-Types that will be handled by an in-browser runtime that has access to
# the browser (like cookies and DOM)
#
executable.mime.types = text/html text/html-sandboxed text/xhtml application/xhtml+xml \
  text/xml application/xml text/xml-external-parsed-entity application/xml-external-parsed-entity application/xml-dtd \
  application/x-shockwave-flash image/svg+xml image/svg-xml application/futuresplash application/x-cab video/x-flv \
  application/octet-stream message/rfc822 text/vnd.wap.wml application/atom+xml text/webviewhtml application/rdf+xml \
  application/mathml+xml multipart/x-mixed-replace application/vnd.wap.xhtml+xml text/rdf text/xsl text/vtt

safe.file.mime.types = application/pdf audio/32kadpcm audio/3gpp audio/amr audio/amr-wb \
  audio/annodex audio/basic audio/csound audio/flac audio/g.722.1 audio/l16 \
  audio/midi audio/mp4a-latm audio/mpa-robust audio/mpeg audio/mpegurl \
  audio/ogg audio/parityfec audio/prs.sid audio/telephone-event audio/tone \
  audio/vnd.cisco.nse audio/vnd.cns.anp1 audio/vnd.cns.inf1 audio/vnd.digital-winds \
  audio/vnd.everad.plj audio/vnd.lucent.voice audio/vnd.nortel.vbk \
  audio/vnd.nuera.ecelp4800 audio/vnd.nuera.ecelp7470 audio/vnd.nuera.ecelp9600 \
  audio/vnd.octel.sbc audio/vnd.qcelp audio/vnd.rhetorex.32kadpcm \
  audio/vnd.vmx.cvsd audio/x-aiff audio/x-gsm audio/x-mpegurl audio/x-ms-wma \
  audio/x-ms-wax audio/x-pn-realaudio-plugin audio/x-pn-realaudio \
  audio/x-realaudio audio/x-scpls audio/x-sd2 audio/x-wav audio/vorbis \
  image/cgm image/g3fax image/gif image/ief image/jp2 image/jpeg image/jpm \
  image/jpx image/naplps image/pcx image/png image/prs.btif image/prs.pti \
  image/tiff image/vnd.cns.inf2 image/vnd.djvu image/vnd.dwg image/vnd.dxf \
  image/vnd.fastbidsheet image/vnd.fpx image/vnd.fst \
  image/vnd.fujixerox.edmics-mmr image/vnd.fujixerox.edmics-rlc \
  image/vnd.microsoft.icon image/vnd.mix image/vnd.net-fpx image/vnd.svf \
  image/vnd.wap.wbmp image/vnd.xiff image/x-canon-cr2 image/x-canon-crw \
  image/x-cmu-raster image/x-coreldraw image/x-coreldrawpattern \
  image/x-coreldrawtemplate image/x-corelphotopaint image/x-epson-erf \
  image/x-icon image/x-jg image/x-jng image/x-ms-bmp image/x-nikon-nef \
  image/x-olympus-orf image/x-photoshop image/x-portable-anymap \
  image/x-portable-bitmap image/x-portable-graymap image/x-portable-pixmap \
  image/x-rgb image/x-xbitmap image/x-xpixmap image/x-xwindowdump \
  video/3gpp video/annodex video/dl video/dv video/fli \
  video/gl video/mpeg video/MP2T video/mp4 video/quicktime video/mp4v-es video/ogg \
  video/parityfec video/pointer video/webm video/vnd.fvt video/vnd.motorola.video \
  video/vnd.motorola.videop video/vnd.mpegurl video/vnd.mts  \
  video/vnd.nokia.interleaved-multimedia video/vnd.vivo video/x-la-asf \
  video/x-mng video/x-ms-asf video/x-ms-wm video/x-ms-wmv video/x-ms-wmx \
  video/x-ms-wvx video/x-msvideo video/x-sgi-movie video/x-matroska video/hevc \
  video/avc video/x-vnd.on2.vp8 video/x-vnd.on2.vp9 \
	Locate your confluence server deployment root, e.g. ``/foo/atlassian/confluence/7.x.x``

	```bash
	> cd /foo/atlassian/confluence/7.x.x
	```

	Under ``confluence/WEB-INF/classes/com/atlassian``, create the following folder structure: ``http/mime``,
	resulting in ``confluence/WEB-INF/classes/com/atlassian/http/mime``, e.g.

	```bash
	> mkdir -p confluence/WEB-INF/classes/com/atlassian/http/mime
	```

	Now, copy the hostile-attachments-config.properties to the newly created folder.
	The only difference here is that ``application/pdf`` was moved from ``executable.mime.types``
	to ``safe.file.mime.types``.
	(Note that this file was taken from ``confluence/lib/atlassian-http-2.0.8.jar``.)

	Restart your confluence service and all PDFs should now be displayed inline,
	utilizing the built-in PDF viewer of the browser.

	Be warned that this might pose a security risk for your users.
	# This file configures the HostileAttachmentsHelper class which is responsible for determining whether a file of a
	# given Content-Type or with a given file extension could be interpeted by the browser or one of its common plugins
	# as an executable content type which runs code that can access the browser DOM and cookies etc.
	#
	# Examples of such content include JavaScript in HTML files and Flash content run by the Flash and Shockwave/Flash plugins.
	#
	# The format of this file is that the right side of the equals sign must contain a whitespace separated list of case-insensitive terms.

	#
	# Set this property to the list of file extensions that are known to connote content types that execute with access
	# to the browser (like cookies and DOM)
	#
	executable.file.extensions = .htm .html .xhtml .shtml .xml .svg .swf .cab .flv .f4v .f4p .f4a .f4b

	# This property denotes a set of extensions that are considered text based.
	text.file.extensions = .txt

	# This property denotes a set of MIME types that are considered text types.
	text.file.mime.types = text/plain

	# Set this property to the list of MIME Content-Types that will be handled by an in-browser runtime that has access to
	# the browser (like cookies and DOM)
	#
	executable.mime.types = text/html text/html-sandboxed text/xhtml application/xhtml+xml \
	text/xml application/xml text/xml-external-parsed-entity application/xml-external-parsed-entity application/xml-dtd \
	application/x-shockwave-flash image/svg+xml image/svg-xml application/futuresplash application/x-cab video/x-flv \
	application/octet-stream message/rfc822 text/vnd.wap.wml application/atom+xml text/webviewhtml application/rdf+xml \
	application/mathml+xml multipart/x-mixed-replace application/vnd.wap.xhtml+xml text/rdf text/xsl text/vtt

	safe.file.mime.types = application/pdf audio/32kadpcm audio/3gpp audio/amr audio/amr-wb \
	audio/annodex audio/basic audio/csound audio/flac audio/g.722.1 audio/l16 \
	audio/midi audio/mp4a-latm audio/mpa-robust audio/mpeg audio/mpegurl \
	audio/ogg audio/parityfec audio/prs.sid audio/telephone-event audio/tone \
	audio/vnd.cisco.nse audio/vnd.cns.anp1 audio/vnd.cns.inf1 audio/vnd.digital-winds \
	audio/vnd.everad.plj audio/vnd.lucent.voice audio/vnd.nortel.vbk \
	audio/vnd.nuera.ecelp4800 audio/vnd.nuera.ecelp7470 audio/vnd.nuera.ecelp9600 \
	audio/vnd.octel.sbc audio/vnd.qcelp audio/vnd.rhetorex.32kadpcm \
	audio/vnd.vmx.cvsd audio/x-aiff audio/x-gsm audio/x-mpegurl audio/x-ms-wma \
	audio/x-ms-wax audio/x-pn-realaudio-plugin audio/x-pn-realaudio \
	audio/x-realaudio audio/x-scpls audio/x-sd2 audio/x-wav audio/vorbis \
	image/cgm image/g3fax image/gif image/ief image/jp2 image/jpeg image/jpm \
	image/jpx image/naplps image/pcx image/png image/prs.btif image/prs.pti \
	image/tiff image/vnd.cns.inf2 image/vnd.djvu image/vnd.dwg image/vnd.dxf \
	image/vnd.fastbidsheet image/vnd.fpx image/vnd.fst \
	image/vnd.fujixerox.edmics-mmr image/vnd.fujixerox.edmics-rlc \
	image/vnd.microsoft.icon image/vnd.mix image/vnd.net-fpx image/vnd.svf \
	image/vnd.wap.wbmp image/vnd.xiff image/x-canon-cr2 image/x-canon-crw \
	image/x-cmu-raster image/x-coreldraw image/x-coreldrawpattern \
	image/x-coreldrawtemplate image/x-corelphotopaint image/x-epson-erf \
	image/x-icon image/x-jg image/x-jng image/x-ms-bmp image/x-nikon-nef \
	image/x-olympus-orf image/x-photoshop image/x-portable-anymap \
	image/x-portable-bitmap image/x-portable-graymap image/x-portable-pixmap \
	image/x-rgb image/x-xbitmap image/x-xpixmap image/x-xwindowdump \
	video/3gpp video/annodex video/dl video/dv video/fli \
	video/gl video/mpeg video/MP2T video/mp4 video/quicktime video/mp4v-es video/ogg \
	video/parityfec video/pointer video/webm video/vnd.fvt video/vnd.motorola.video \
	video/vnd.motorola.videop video/vnd.mpegurl video/vnd.mts \
	video/vnd.nokia.interleaved-multimedia video/vnd.vivo video/x-la-asf \
	video/x-mng video/x-ms-asf video/x-ms-wm video/x-ms-wmv video/x-ms-wmx \
	video/x-ms-wvx video/x-msvideo video/x-sgi-movie video/x-matroska video/hevc \
	video/avc video/x-vnd.on2.vp8 video/x-vnd.on2.vp9 \