diff --git a/app/Controller/AttributesController.php b/app/Controller/AttributesController.php
index 81f403d5c..f2cd2bbb9 100755
--- a/app/Controller/AttributesController.php
+++ b/app/Controller/AttributesController.php
@@ -878,6 +878,13 @@ class AttributesController extends AppController {
 				}
 			} else {
 				$this->set('id', $id);
+				$attribute = $this->Attribute->find('first', array(
+					'conditions' => array('id' => $id),
+					'recursive' => -1,
+					'fields' => array('id', 'event_id'),
+				));
+				$this->set('event_id', $attribute['Attribute']['event_id']);
+				$this->render('ajax/attributeConfirmationForm');
 			}
 		} else {
 			if (!$this->request->is('post') && !$this->_isRest()) {
diff --git a/app/Controller/ShadowAttributesController.php b/app/Controller/ShadowAttributesController.php
index f7fa385ba..65905383e 100644
--- a/app/Controller/ShadowAttributesController.php
+++ b/app/Controller/ShadowAttributesController.php
@@ -197,30 +197,41 @@ class ShadowAttributesController extends AppController {
  */
 	// This method will discard a proposed change. Users that can delete the proposals are the publishing users of the org that created the event and of the ones that created the proposal - in addition to site admins of course
 	public function discard($id = null) {
-		if (!$this->request->is('post') || !$this->request->is('ajax')) {
+		if (!$this->request->is('ajax')) {
 			throw new MethodNotAllowedException();
 		}
-		$this->ShadowAttribute->id = $id;
-		$this->ShadowAttribute->read();
-		$eventId = $this->ShadowAttribute->data['ShadowAttribute']['event_id'];
-		$this->loadModel('Event');
-		$this->Event->Behaviors->detach('SysLogLogable.SysLogLogable');
-		$this->Event->recursive = -1;
-		$this->Event->id = $eventId;
-		$this->Event->read();
-		// Send those away that shouldn't be able to see this
-		if (!$this->_isSiteAdmin()) {
-			if ((($this->Event->data['Event']['orgc'] != $this->Auth->user('org')) && ($this->Auth->user('org') != $this->ShadowAttribute->data['ShadowAttribute']['org'])) || (!$this->userRole['perm_modify'])) {
-				$this->Session->setFlash('You don\'t have permission to do that');
-				$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
+		if ($this->request->is('post')) {
+			$this->ShadowAttribute->id = $id;
+			$this->ShadowAttribute->read();
+			$eventId = $this->ShadowAttribute->data['ShadowAttribute']['event_id'];
+			$this->loadModel('Event');
+			$this->Event->Behaviors->detach('SysLogLogable.SysLogLogable');
+			$this->Event->recursive = -1;
+			$this->Event->id = $eventId;
+			$this->Event->read();
+			// Send those away that shouldn't be able to see this
+			if (!$this->_isSiteAdmin()) {
+				if ((($this->Event->data['Event']['orgc'] != $this->Auth->user('org')) && ($this->Auth->user('org') != $this->ShadowAttribute->data['ShadowAttribute']['org'])) || (!$this->userRole['perm_modify'])) {
+					$this->Session->setFlash('You don\'t have permission to do that');
+					$this->redirect(array('controller' => 'events', 'action' => 'view', $eventId));
+				}
+			}
+			if ($this->ShadowAttribute->delete($id, $cascade = false)) {
+				$this->_setProposalLock($eventId, false);
+				$this->autoRender = false;
+				return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Proposal discarded.')),'status'=>200));
+			} else {
+				return new CakeResponse(array('body'=> json_encode(array('false' => true, 'errors' => 'Could not discard proposal.')),'status'=>200));
 			}
-		}
-		if ($this->ShadowAttribute->delete($id, $cascade = false)) {
-			$this->_setProposalLock($eventId, false);
-			$this->autoRender = false;
-			return new CakeResponse(array('body'=> json_encode(array('saved' => true, 'success' => 'Proposal discarded.')),'status'=>200));
 		} else {
-			return new CakeResponse(array('body'=> json_encode(array('false' => true, 'errors' => 'Could not discard proposal.')),'status'=>200));
+			$this->set('id', $id);
+			$shadowAttribute = $this->ShadowAttribute->find('first', array(
+					'conditions' => array('id' => $id),
+					'recursive' => -1,
+					'fields' => array('id', 'event_id'),
+			));
+			$this->set('event_id', $shadowAttribute['ShadowAttribute']['event_id']);
+			$this->render('ajax/shadowAttributeConfirmationForm');
 		}
 	}
 
diff --git a/app/View/Attributes/add.ctp b/app/View/Attributes/add.ctp
index 6e3a98ef6..f0d993fdb 100755
--- a/app/View/Attributes/add.ctp
+++ b/app/View/Attributes/add.ctp
@@ -1,4 +1,3 @@
-<? echo $this->Html->script('ajaxification');?>
 <div class="attributes <? if (!$ajax) echo 'form';?>">
 <?php 
 	echo $this->Form->create('Attribute', array('id'));
diff --git a/app/View/Attributes/ajax/attributeConfirmationForm.ctp b/app/View/Attributes/ajax/attributeConfirmationForm.ctp
new file mode 100644
index 000000000..be51fe826
--- /dev/null
+++ b/app/View/Attributes/ajax/attributeConfirmationForm.ctp
@@ -0,0 +1,24 @@
+<div class="confirmation">
+<?php 
+	echo $this->Form->create('Attribute', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
+?>
+<legend>Attribute Deletion</legend>
+<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
+<p>Are you sure you want to delete Attribute #<?php echo $id?>?</p>
+	<table>
+		<tr>
+			<td style="vertical-align:top">
+				<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'delete', 'attributes', <?php echo $id;?>)">Yes</span>
+			</td>
+			<td style="width:540px;">
+			</td>
+			<td style="vertical-align:top;">
+				<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
+			</td>
+		</tr>
+	</table>
+</div>
+<?php 
+	echo $this->Form->end();
+?>
+</div>
\ No newline at end of file
diff --git a/app/View/Elements/eventattributerow.ctp b/app/View/Elements/eventattributerow.ctp
index 610292f26..d4c671b05 100644
--- a/app/View/Elements/eventattributerow.ctp
+++ b/app/View/Elements/eventattributerow.ctp
@@ -54,8 +54,43 @@ if ($object['objectType'] == 1) {
 	</td>
 	<td class="showspaces <?php echo $extra; ?>">
 		<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_placeholder'; ?>" class = "inline-field-placeholder"></div>
+		<?php if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ): ?>
+		<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_solid'; ?>" class="inline-field-solid">
+		<?php else: ?>
 		<div id = "<?php echo $currentType . '_' . $object['id'] . '_value_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'value', <?php echo $event['Event']['id'];?>);">
-			<?php echo nl2br(h($object['value'])); ?>
+			<?php 
+			endif;
+				$sigDisplay = $object['value'];
+				if ('attachment' == $object['type'] || 'malware-sample' == $object['type'] ) {
+					$t = ($currentType == 'Attribute' ? 'attributes' : 'shadow_attributes');
+					$filenameHash = explode('|', nl2br(h($object['value'])));
+					if (strrpos($filenameHash[0], '\\')) {
+						$filepath = substr($filenameHash[0], 0, strrpos($filenameHash[0], '\\'));
+						$filename = substr($filenameHash[0], strrpos($filenameHash[0], '\\'));
+						echo h($filepath);
+						echo $this->Html->link($filename, array('controller' => $t, 'action' => 'download', $object['id']));
+					} else {
+						echo $this->Html->link($filenameHash[0], array('controller' => $t, 'action' => 'download', $object['id']));
+					}
+					if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
+				} elseif (strpos($object['type'], '|') !== false) {
+					$filenameHash = explode('|', $object['value']);
+					echo h($filenameHash[0]);
+					if (isset($filenameHash[1])) echo ' | ' . $filenameHash[1];
+				} elseif ('vulnerability' == $object['type']) {
+					if (! is_null(Configure::read('MISP.cveurl'))) {
+						$cveUrl = Configure::read('MISP.cveurl');
+					} else {
+						$cveUrl = "http://www.google.com/search?q=";
+					}
+					echo $this->Html->link(h($sigDisplay), h($cveUrl) . h($sigDisplay), array('target' => '_blank'));
+				} elseif ('link' == $object['type']) {
+					echo $this->Html->link(h($sigDisplay), h($sigDisplay));
+				} else {
+					$sigDisplay = str_replace("\r", '', $sigDisplay);
+					echo nl2br(h($sigDisplay));
+				}
+			?>
 		</div>
 	</td>
 	<td class="showspaces bitwider <?php echo $extra; ?>">
@@ -92,7 +127,7 @@ if ($object['objectType'] == 1) {
 			?>
 		</div>
 	</td>
-	<td class="<?php echo $extra; ?>" style="width:150px;">
+	<td class="<?php echo $extra; ?> shortish">
 		<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_placeholder'; ?>" class = "inline-field-placeholder"></div>
 		<div id = "<?php echo $currentType . '_' . $object['id'] . '_distribution_solid'; ?>" class="inline-field-solid" onClick="activateField('<?php echo $currentType; ?>', '<?php echo $object['id']; ?>', 'distribution', <?php echo $event['Event']['id'];?>);">
 			<?php if ($object['objectType'] != 1 && $object['objectType'] != 2) echo h($distributionLevels[$object['distribution']]); ?>&nbsp;
@@ -105,7 +140,7 @@ if ($object['objectType'] == 1) {
 					echo $this->Form->create('Attribute', array('class' => 'inline-delete', 'id' => $currentType . '_' . $object['id'] . '_delete', 'action' => 'delete'));
 		?>
 			<a href="/attributes/edit/<?php echo $object['id']; ?>" title="Edit" class="icon-edit useCursorPointer"></a>
-			<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
+			<span class="icon-trash useCursorPointer" onClick="deleteObject('attributes', 'delete', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
 		<?php 
 					echo $this->Form->end();					
 				} else {
@@ -123,7 +158,7 @@ if ($object['objectType'] == 1) {
 				if (($event['Event']['orgc'] == $me['org'] && $mayModify) || $isSiteAdmin || ($object['org'] == $me['org'])) {
 					echo $this->Form->create('ShadowAttribute', array('class' => 'inline-delete', 'style' => 'display:inline-block;', 'id' => 'ShadowAttribute_' . $object['id'] . '_delete', 'action' => 'delete'));
 				?>
-					<span class="icon-trash useCursorPointer" onClick="deleteObject('shadow_attributes', '<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
+					<span class="icon-trash useCursorPointer" onClick="deleteObject('shadow_attributes', 'discard' ,'<?php echo $object['id']; ?>', '<?php echo $event['Event']['id']; ?>');"></span>
 				<?php 
 					echo $this->Form->end();
 				}
diff --git a/app/View/Events/view.ctp b/app/View/Events/view.ctp
index 2dd2699e2..003392600 100755
--- a/app/View/Events/view.ctp
+++ b/app/View/Events/view.ctp
@@ -159,6 +159,7 @@ $mayPublish = ($isAclPublish && $event['Event']['orgc'] == $me['org']);
 		<?php if (sizeOf($allPivots) > 1) echo $this->element('pivot'); ?>
 	</div>
 	<div id="attribute_add_form" class="attribute_add_form"></div>
+	<div id="confirmation_box" class="confirmation_box"></div>
 	<div id="attribute_creation_div" style="display:none;">
 		<?php 
 			echo $this->element('eventattributecreation');
diff --git a/app/View/ShadowAttributes/ajax/shadowAttributeConfirmationForm.ctp b/app/View/ShadowAttributes/ajax/shadowAttributeConfirmationForm.ctp
new file mode 100644
index 000000000..337e12474
--- /dev/null
+++ b/app/View/ShadowAttributes/ajax/shadowAttributeConfirmationForm.ctp
@@ -0,0 +1,24 @@
+<div class="confirmation">
+<?php
+echo $this->Form->create('ShadowAttribute', array('style' => 'margin:0px;', 'id' => 'PromptForm'));
+?>
+<legend>Proposal Deletion</legend>
+<div style="padding-left:5px;padding-right:5px;padding-bottom:5px;">
+<p>Are you sure you want to delete Proposal #<?php echo $id?>?</p>
+	<table>
+		<tr>
+			<td style="vertical-align:top">
+				<span id="PromptYesButton" class="btn btn-primary" onClick="submitDeletion(<?php echo $event_id; ?>, 'discard', 'shadow_attributes', <?php echo $id;?>)">Yes</span>
+			</td>
+			<td style="width:540px;">
+			</td>
+			<td style="vertical-align:top;">
+				<span class="btn btn-inverse" id="PromptNoButton" onClick="cancelPrompt();">No</span>
+			</td>
+		</tr>
+	</table>
+</div>
+<?php 
+	echo $this->Form->end();
+?>
+</div>
\ No newline at end of file
diff --git a/app/webroot/css/main.css b/app/webroot/css/main.css
index e0eb69030..d16651c26 100755
--- a/app/webroot/css/main.css
+++ b/app/webroot/css/main.css
@@ -708,6 +708,27 @@ a.proposal_link_red:hover {
 	z-index:5;
 }
 
+.confirmation_box {
+	display:none;
+	width: 300px;
+	top:calc(50% - 50px);
+	left:calc(50% - 150px);
+	position: fixed;
+	background-color:#f4f4f4;
+	border-radius: 5px;
+	box-shadow: 4px 4px 4px #333;
+	z-index:5;
+}
+
+.confirmation_box legend {
+	border-radius: 5px 5px 0px 0px;
+	margin-bottom:5px;
+	padding-left:5px;
+	width:295px;
+	background-color:black;
+	color:white;
+}
+
 .attribute_add_form {
 	display:none;
 	width: 700px;
diff --git a/app/webroot/js/ajaxification.js b/app/webroot/js/ajaxification.js
index 5d8bd592b..e9bf8d9e0 100644
--- a/app/webroot/js/ajaxification.js
+++ b/app/webroot/js/ajaxification.js
@@ -1,4 +1,4 @@
-function deleteObject(type, id, event) {
+function deleteObject2(type, id, event) {
 	var typeMessage, name, action;
 	if (type == 'attributes') {
 		action = 'delete';
@@ -25,6 +25,50 @@ function deleteObject(type, id, event) {
 	}	
 }
 
+function deleteObject(type, action, id, event) {
+	var destination = 'attributes';
+	if (type == 'shadow_attributes') destination = 'shadow_attributes';
+	$.get( "/" + destination + "/" + action + "/" + id, function(data) {
+		$("#confirmation_box").fadeIn();
+		$("#gray_out").fadeIn();
+		$("#confirmation_box").html(data);
+		$(window).bind('keypress', function(e) {
+			var code = e.keyCode || e.which;
+			if (code == 13) {
+				submitDeletion(event, action, type, id);
+			}
+		});
+	});
+}
+
+function cancelPrompt() {
+	$("#confirmation_box").fadeIn();
+	$("#gray_out").fadeOut();
+	$("#confirmation_box").empty();
+}
+
+function submitDeletion(event, action, type, id) {
+	var formData = $('#PromptForm').serialize();
+	$.ajax({
+		beforeSend: function (XMLHttpRequest) {
+			$(".loading").show();
+		}, 
+		data: formData, 
+		success:function (data, textStatus) {
+			updateAttributeIndexOnSuccess(event);
+			handleGenericAjaxResponse(data);
+		}, 
+		complete:function() {
+			$(".loading").hide();
+			$("#confirmation_box").fadeOut();
+			$("#gray_out").fadeOut();
+		},
+		type:"post", 
+		cache: false,
+		url:"/" + type + "/" + action + "/" + id,
+	});
+}
+
 function acceptObject(type, id, event) {
 	name = '#ShadowAttribute_' + id + '_accept';
 	var formData = $(name).serialize();