From our website, we need to open a local resource via file://something. We are getting a security error - at least in Chrome. Is it possible to allow files to be read via a file:// protocol by writing a Chrome plugin and saving an allowed location there? Any suggestions?
Related
I enabled SSL on my website which is hosted on Blogspot with a custom domain and I encounter this error in console which asks me to Load Unsafe Scripts on the address bar.
What I see in Inspect Element:
This has nothing to do with IPv4. The error just says that, while your page was served over https, it's trying to load an external script via http, which Chrome doesn't allow. You must modify your page to load all resources over https.
You can access to you local system via browser by simply using file:/// as address.
I have being trying to access local system drives via file:/// in HTML via anchor tag...like this..
Home
I get Not allowed to load local resource: file:/// this error in console...Is there any way possible to access the drives in this way...
No, this is by design and security and is not allowed. This is crossdomain related.
Some browsers like Google Chrome allow you tu disable this using the runtime commands, see here for more information:
https://stackoverflow.com/a/6075747/753676
https://stackoverflow.com/a/12523274/753676
https://stackoverflow.com/a/4752452/753676
You can disable this security feature in Chrome and other browsers with
chrome.exe --allow-file-access-from-files or chrome --disable-web-security
(depends on platform)
When I right-click on the local html page and select "Inspect with FireBug Lite" nothing happens... on regular online sites it works except for "https://chrome.google.com/webstore/category/apps"
anyone had the same experience? I have the latest version of the extension (but it's from 2011 :/)
UPDATE: on some local sites it does show! on two web apps (PHP, Rails) it did work, but on a few static HTML files I tried it didn't....
Apparently this is normal...:
It doesn't work on local pages
If by "local pages" you mean files accessed via "file:///" protocol then yes, Firebug Lite doesn't work with "file:///" protocol. This is a JavaScript security restriction to prevent malicious web pages from accessing files in your your machine. Also, please note that the while you can load a "local page" in the browser (it will render properly) it will NOT behave exactly the same as when hosted in a web server.
Solution:
You can solve this problem by loading your page in a web server installed in your machine, so you can access that local files through "http://" addresses. This is the best solution: it is safer, and you'll get the most of what Firebug Lite can give you. I recommend using Apache HTTP Server, but you can use anyone (like IIS for example).
Which exact URL are you visiting? It is an internal Chrome's page
(like "chrome://downloads/"), or some page related to Google Chrome
extensions "https://chrome.google.com/extensions/")?
Google Chrome won't allow content scripts (required by Firebug Lite)
running on such pages. The problem is that Chrome does not inform the
user and neither the extension about it. In other words, there is no way
to Firebug Lite know if the content script was loaded or not, and we
worked around this by sniffing the URL and detecting when you visit
URLs that begins with "chrome://" or "https://chrome.google.com/extensions/",
alerting users in such cases.
You've few options to fix the solution.
One is to use Mozilla Firefox.
Second, install a web server on your system. Try WAMP or XAMPP. Once installed, store all the web pages in the root folder of the web server you just created. Save all the web pages and html files in C:\xampp\htdocs. Navigate to the locally stored webpages using your web browser by going to “127.0.0.1/index.html” or “localhost/index.html”.
Now you can use Firebug-Lite for Google Chrome on local files.
I have successfully created an appcache manifest that is downloading all of the website content. I have checked this through chrome dev and it's all working.
The issue I am having now is that even although the entire website has been cached, I am unable to access the cached pages when offline, unless I had accessed them online.
I am using Apache and accessing the website via an iPad using safari browser.
I have an idea that this may be due to the server not allowing access to cached pages unless they had been accessed online as some kind of security measure.
Any ideas?
if your files are in PHP or ASP this will not work.
It need to be JavaScript or other files that can be run localy like Image, HTML.
I have a HTML5 webapp which is running perfectly when served via the IIS without authentication.
Is is using a cache.manifest file.
Both when running in safari, and as an "add to homescreen" fullscreen app, once I update the manifest file on the server, and the app will update.
When I turn on authentication on all files except the cache.manifest, then I only see the update when running it in the safari browser.
If I add it to the homescreen, I am not able to make the app update the cache.
If I wireshark the traffic on the server, I can see the manifest file is fetched without problems, but all the files in the manifest file hits a 401 Unautorized error.
Any idea how I can fix this? Running it in the safari browser is working..
Any help is highly appreciated.
Safari is much more aware of HTTP Basic Auth, but web.app (the home screen web app handler, which is basically a UIWebView wrapper) isn't as full-featured and doesn't appear to support basic auth.
It seems you may need to work around this with either a server-side solution to append an authentication key to the filename (such as application.css?longhexkey) to bypass basic auth, or go with a more traditional login form (which may require significant changes to your app)
Same issue on Sencha forums: Unanswered: Forcing re-authentication after offline usage on iOS devices?