Protocol Helpers and Mac OS X
By Damien Gallop

August 2nd, 2003

It seems that Mac OS X does not have a built-in way to easily change associations between various internet protocols such as ftp and one's applications of choice to handle these protocols. MoreInternet, a system preference for OS X, fills that need.

The problem was matching internet protocols entered as URLs such as ftp://ftp.netscape.com/ in a browser with nice applications. The lead came from a macosxhints story. The solution came in a moment of serendipity.

Up to now, the exclusive method appears to be using Internet Explorer's Preferences to change the default associations. In my experience, this works for every application except Finder. Even if you delete the association altogether, that protocol will still get associated with the last known good, as it were, which in my case for ftp was Internet Explorer itself. But I prefer to let Finder mount a read-only ftp disk onto my desktop and go from there. Did you know Finder can do that? Yes, indeed. Associating Finder with ftp is possible now, as MoreInternet makes this very association by default.

Setting up a protocol in MoreInternet works by typing in the protocol, e.g. the word ftp, and a description, and dropping an application onto the icon in the setup panel. I am sure that future versions of MoreInternet will have a facility to select standard protocols from a drop-down list, and to edit existing entries. Meanwhile, avoid typos.


Setting up ftp Protocol in MoreInternet

MoreInternet also remembers only the last-selected application. You can't drag it away, as it were. You can only drag a new program icon on top of the existing helper application icon. Try doing that with Finder. Betcha you can't.

The simplest way to change an association from some application back to Finder is to delete the association altogether, then recreate it with the default association, which just happens to be Finder. Not so sure? Try creating a bogus protocol called test and make an association for it with Finder. Easy, no? Now do the same for ftp and you're away.

While we've used ftp as our example, of course it works for anything you can type into a URL, including a default browser for the http and https protocols. Here, merely drag the Safari application, say, onto the icon when http is selected in MoreInternet. You've just changed your default browser!

A word about ftp security. When you login to an ftp server, you send clear-text username and password. Don't do that. The only safe use of ftp servers today is anonymous-ftp for public read-only file repositories, though if you are at home behind a hardware firewall of some sort, such as a NAT gateway, then ftp might be a convenient way to move stuff between dissimilar machines - at home. As an exercise in how the internet sees ftp passwords, pull your internet connection for a moment, enable your own ftp server, and try this URL in your browser: ftp://user:pass@localhost/Applications/ (replacing user:pass with your Mac login). If you can see your password, so can everyone else.

Notice that apparently no login is required in the Netscape example above. That is because Finder, like many other ftp-enabled applications such as Internet Explorer and Netscape, does an anonymous-ftp login automatically. Here, the username is "anonymous", and the standard password is your email address. The tradition of anonymous-ftp goes back many years. If you specify an ftp URL to a host that does not support anonymous-ftp, you will be prompted for a login. See security concerns above!

All unix variants today support Secure ftp, or sftp for short. (Whether or not the service has been installed on a particular host is another story, but all of the software is available. For free, of course.) Unfortunately many web hosting outfits still use ftp for file uploading. There is no excuse for this. None at all. Pay the premium or jump ship to a different hosting company in order to get sftp server-side support. To see if your Mac supports sftp, open a Terminal window and type sftp. If it responds, you're in. If not, you're not. To see the package version, type ssh -V. This will return a line something like so: OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f. It's been standard equipment on OS X for a while and supported within Software Update, but you can still build and install it yourself if need be. Unless you have obtained a separate package that supports sftp, such as Fugu, sftp will probably require Terminal, in case you're setting up an entry in MoreInternet for it.

That's ftp. Theoretically, you could also add the smb protocol. In my tests, however, the browser hands off the request to Finder alright, but the request goes into etherspace after that. You might have better luck. That said, name the protocol smb and describe it as "Connect to SAMBA file server" or "Connect to Windows file share". Now, when you type an URL like smb://192.168.0.5/Share into your browser, the request will be handed off to Finder immediately. If you do add smb, make another identical one for the equivalent cifs protocol also. An advantage of adding the smb protocol is being able to add browser shortcuts for your Windows shares. Username and passwords will be handled in a pop-up window from Finder, just as before.

While we're at it, a default AppleShare login allows clear-text passwords and not encrypted. You need to switch both of those around right away and Save Preferences. What were they thinking?


Setting up AppleShare Login Security

MoreInternet has actually been around for a while, but it seems to be one of the 'Net's best-kept secrets. The tricky bit is knowing what to ask for. If you don't know this feature is called "protocol helpers", then you end up asking for "the thingy that makes URLs work when you click on them." Through a trail of serendipity and with thanks to macosxhints, I found a reference to its predecessor called Vince (also listed on VersionTracker), which in turn led me to MoreInternet. Interestingly, as I migrate away from Internet Explorer usage, now that the latter is at the end of its product development lifetime, I have come to appreciate Internet Explorer more than ever. Go figure. Ciao.