On a Windows 11 (version 10.0.26200.8037) box, the file association for .ps1 (PowerShell script) files is intentionally set to open all files withe that extension in a text editor. Thus, double-clicking on a .ps1 file in a file manager results in the file opening in that editor. This works as expected.
If a .ps1 file is downloaded from the internet, Win11 correctly applies the “Mark of the Web” to the file. This causes Windows to display the Security Warning dialog box querying “Do you want to open this file?”. Pressing the dialog box’s Open button, however, fails to open the file in the text editor (or elsewhere).
Although this can be worked around by removing the “Mark of the Web” alternate data stream from the file, I want to learn what is preventing the file from opening in the text editor when the Open button is pressed in that dialog box.
What I’ve already done:
- Verified that no related events are present in the Windows event logs, including for SmartScreen.
- Verified that Windows Security’s virus and threat protection logs are empty.
- Verified that locally created
.ps1files without the “Mark of the Web” have no problem opening via file managers. - Verified that downloaded
.ps1files can be opened in the text editor using the editor’s ownOpendialog box.
In addition to identifying the Windows mechanism that is preventing the Open button in Windows’ *Do you want to open this file?” dialog box from working, I will also appreciate learning if there is way to make that button work in this situation?
In this QA, please don’t worry about the obvious reminder that no one should download and run random PowerShell scripts from the internet. I wrote all these scripts myself, so they aren’t random scripts written by others or something like that.