I'am using an addon on my wiki, to edit svg files on the fly: but now I had this problem; A user copy and paste a diagram from drawio and try to pase on the wiki and this error appears:
The wiki returned the following error when uploading: Found href to unsafe data: URI target"" in the uploaded SVG file.
How can I avoid this in my UploadBase.php last time the URI got an url on the target (the url was http://www.w3.org/1999/xhtml), so I did this:
static $validNamespaces = [
'adobe:ns:meta/',
'http://www.w3.org/1999/xhtml',
And this worked just fine: but what about an empty one?
Related
I am building a web app and I would like to show PDF files to my users. My files are mainly stored as byte arrays in the database as they are generated in the backend. I am using the embed element and have found three ways to display a PDF:
Local file path in src attribute: Works, but I need to generate a file from the database byte array, which is not desirable as I have to manage routines to delete them once they are not needed anymore.
Online file path in src attribute: Not possible since my files may not be hosted anywhere but on the server. Also has the same issues as the previous method anyway.
Data as base64 string in src attribute: Current method, but I ran into a problem for larger files (>2MB). Edge and Chrome will not display a PDF when I covert a PDF of this size to a base64 string (no error but the docs reveal that there is a limit for the data in the src attribute). It works on Firefox but I cannot have my users be restricted to Firefox.
Is there any other way to transmit valid PDF data from a byte array out of the database without generating a file locally?
You have made the common mistake of thinking of URLs and file paths as the same thing; but a URL is just a string that's sent to the server, and some content is sent back. Just as you wouldn't save an HTML file to disk for every dynamic page on the site, you don't have to write to the file system to display a dynamic PDF.
So the solution to this is to have a script on your server that takes the identifier of a PDF in your system, maybe does some access checking, and outputs it to the browser.
For example, if you were using PHP, you might write the HTML with <embed src="/loadpdf.php?id=42"> and then in loadpdf.php would write something like this:
$pdfContent = load_pdf_from_database((int)$_GET['id']);
header('Content-Type: application/pdf');
echo $pdfContent;
Loading /loadpdf.php?id=42 directly in the browser would then render the PDF just the same as if it was a "real" file, and embedding it should work the same way too.
I am using blogdown and Hugo to create my personal site and am running into problems when I try to display an HTML files I have stored in the "static" folder. This is an HTML file I created long ago via R markdown and no longer have the .rmd file or data that it was created from. I am trying to use the solution here which involves using the shiny::includeHTML() function within an .rmd to reference another HTML to display.
Here is my blogdown structure with the HTML I want to display in the static/files/ location.
When I create a new post and try to use the serve site addin with the below I am seeing an "Error in file(con, "r") : Cannot open the connection" error. I am assuming this means it isn't finding the HTML in my static folder but cannot figure out why.
I need to save customized CSS files into AWS S3 using paperclip, and load them back in html file using paperclip attachment url. So, the link tag will looks something like:
<link rel = "stylesheet" href = "https://s3.us-east-2.amazonaws.com/....../theme.css20190126-23995-3w63v8.css?1548515496">
Loading the file in Firefox will show the following error in console:
The stylesheet
https://s3.us-east-2.amazonaws.com/....../theme.css20190126-23995-3w63v8.css?1548515496
was not loaded because its MIME type, “text/plain”, is not “text/css”.
I tried using this solution and added .url(:default, timestamp: false) to attachment url. However this give a wrong file url for browser and CSS file is not loaded.
AWS S3 returns default content-type "text/plain", so you should set Metadata on AWS S3.
Log in your AWS console.
Go to your file (xxx/xxx/theme.css20190126-23995-3w63v8.css) on AWS S3 console.
Open Properties tab of your file.
Add content-type click "+ Add Metadata" on Metadata section.
Of course, you can modify Metadata from programs.
https://docs.aws.amazon.com/en_us/sdk-for-ruby/v3/developer-guide/s3-example-upload-bucket-item-with-metadata.html
I would like to put a download link on my website so the users can download the file template.csv. The file is static and is located at the root of my /grails-app/assets folder.
Inside my page.gsp, I have tried 2 methods do so, to no avail :
Download the template
this results in a template.csv file being downloaded, but the content is the html code of page.gsp rather than the original content of the file I uploaded in my assets.
Download the template
the generated html file has a link to localhost:8080/mysite/assets/template.csv but clicking it prompts an error message : Failed - no file.
What is the correct way to do what I want to achieve ? Is there an issue with extra permissions I would need to add to allow the download of my file ?
Our webapp relies on a rather old technological stack :
Grails 2.3.4
Plugin asset-pipeline-2.2.5
I have had some troubles with downloading files straight with a -tag.
To overcome this, I use Controller method to return the file and place the downloadable files in their own folder under web-app/:
class MyController {
#Autowired()
AssetResourceLocator assetResourceLocator
def downloadExcelTemplate () {
String fileName = "MyExcelFile.xlsx"
/* Note: these files are found in /web-app/downloadable directory */
Resource resource = assetResourceLocator.findResourceForURI("/downloadable/$fileName")
response.setHeader "Content-disposition", "attachment; filename=${resource.filename}"
response.contentType = 'application/vnd.ms-excel'
response.outputStream << resource.inputStream.bytes
}
}
And just use regular a-tag to to link to this controller method.
This way you also gain more control over file downloads.
I created a new Azure WebJobs project which is a console app. I placed a settings.json file in the root and I'm trying to access it using the following code but I keep getting an error that says it cannot locate the file. I think it's looking for it under Debug folder but I don't want to move the file there. How do I reference that file?
var config = new Configuration();
config.AddJsonFile("settings.json");
I tried "~/settings.json" but that didn't work either.
You need to identify if it's a deployment or runtime issue, per this article.
Make sure that your file is in fact getting deployed:
In VS, check that it has Copy to Output directory set to Copy if Newer
Use Kudu Console to look at the relevant WebJob folder under D:\home\site\wwwroot\App_Data\jobs\... and make sure that the json file made it to there next to the exe.
You can try to add your json file into your WebJob project's Resources as shown:
Remember to set the file type as Text and encoding to UTF-8.
In your code, you can easily access your json file as string as below:
// The Resources property depends on your actual file name being referenced
var settingsJson = Resources.settings;
Hope this helps!