I've got a slightly unusual scenario. A web app running on a local network can perform various operations on any file on the network it can access. At present the user copies/pastes the UNC path to the file into a text input and clicks submit.
The server retrieves the file, performs some operations and returns the results to the user.
I'd like to allow the user to browse for the file using the webpage - but I don't want to upload the file, just get the full path to it. Is this possible?
I'm aware there will be a couple of scenarios which are doomed to failure - eg browsing to a local path not a UNC share but I can cover this with some validation. There will also be scenarios when the server can access a path the user can't (this is intentional) so browsing wouldn't work here.
All users will be techies who should get the point. Of course, if there were a way to limit the browse dialog to a UNC path, that would be even better but I suspect it's impossible.
Note, we already limit support to the latest versions of the main browsers and since this is just a utility feature, limited support is acceptable.
Sorry, that can't be done. It's a security feature.
Related
I'd like to have an html file that organizes certain files scattered throughout my hard drive. For example, I have two files that I would link to:
C:\Programs\sort.mw
C:\Videos\lecture.mp4
The problem is that I'd like the links to function as a shortcut to the file. I've tried the following:
Link 1
Link 2
... but the first link does nothing and the second link opens the file in Chrome, not VLC.
My questions are:
Is there a way to adjust my HTML to treat the links as shortcuts to the files?
If there isn't a way to adjust the HTML, are there any other ways to neatly link to files scattered throughout the hard drive?
My computer runs Windows 7 and my web browser is Chrome.
You need to use the file:/// protocol (yes, that's three slashes) if you want to link to local files.
Link 1
Link 2
These will never open the file in your local applications automatically. That's for security reasons which I'll cover in the last section. If it opens, it will only ever open in the browser. If your browser can display the file, it will, otherwise it will probably ask you if you want to download the file.
You cannot cross from http(s) to the file protocol
Modern versions of many browsers (e.g. Firefox and Chrome) will refuse to cross from the http(s) protocol to the file protocol to prevent malicious behaviour.
This means a webpage hosted on a website somewhere will never be able to link to files on your hard drive. You'll need to open your webpage locally using the file protocol if you want to do this stuff at all.
Why does it get stuck without file:///?
The first part of a URL is the protocol. A protocol is a few letters, then a colon and two slashes. HTTP:// and FTP:// are valid protocols; C:/ isn't and I'm pretty sure it doesn't even properly resemble one.
C:/ also isn't a valid web address. The browser could assume it's meant to be http://c/ with a blank port specified, but that's going to fail.
Your browser may not assume it's referring to a local file. It has little reason to make that assumption because webpages generally don't try to link to peoples' local files.
So if you want to access local files: tell it to use the file protocol.
Why three slashes?
Because it's part of the File URI scheme. You have the option of specifying a host after the first two slashes. If you skip specifying a host it will just assume you're referring to a file on your own PC. This means file:///C:/etc is a shortcut for file://localhost/C:/etc.
These files will still open in your browser and that is good
Your browser will respond to these files the same way they'd respond to the same file anywhere on the internet. These files will not open in your default file handler (e.g. MS Word or VLC Media Player), and you will not be able to do anything like ask File Explorer to open the file's location.
This is an extremely good thing for your security.
Sites in your browser cannot interact with your operating system very well. If a good site could tell your machine to open lecture.mp4 in VLC.exe, a malicious site could tell it to open virus.bat in CMD.exe. Or it could just tell your machine to run a few Uninstall.exe files or open File Explorer a million times.
This may not be convenient for you, but HTML and browser security weren't really designed for what you're doing. If you want to be able to open lecture.mp4 in VLC.exe consider writing a desktop application instead.
If you are running IIS on your PC you can add the directory that you are trying to reach as a Virtual Directory.
To do this you right-click on your Site in ISS and press "Add Virtual Directory".
Name the virtual folder. Point the virtual folder to your folder location on your local PC.
You also have to supply credentials that has privileges to access the specific folder eg. HOSTNAME\username and password.
After that you can access the file in the virtual folder as any other file on your site.
http://sitename.com/virtual_folder_name/filename.fileextension
By the way, this also works with Chrome that otherwise does not accept the file-protocol file://
Hope this helps someone :)
Janky at best
right click </td>
and then right click, select "copy location" option, and then paste into url.
back to 2017:
use URL.createObjectURL( file ) to create local link to file system that user select;
don't forgot to free memory by using URL.revokeObjectURL()
I've a way and work like this:
<'a href="FOLDER_PATH" target="_explorer.exe">Link Text<'/a>
I'd like to have an html file that organizes certain files scattered throughout my hard drive. For example, I have two files that I would link to:
C:\Programs\sort.mw
C:\Videos\lecture.mp4
The problem is that I'd like the links to function as a shortcut to the file. I've tried the following:
Link 1
Link 2
... but the first link does nothing and the second link opens the file in Chrome, not VLC.
My questions are:
Is there a way to adjust my HTML to treat the links as shortcuts to the files?
If there isn't a way to adjust the HTML, are there any other ways to neatly link to files scattered throughout the hard drive?
My computer runs Windows 7 and my web browser is Chrome.
You need to use the file:/// protocol (yes, that's three slashes) if you want to link to local files.
Link 1
Link 2
These will never open the file in your local applications automatically. That's for security reasons which I'll cover in the last section. If it opens, it will only ever open in the browser. If your browser can display the file, it will, otherwise it will probably ask you if you want to download the file.
You cannot cross from http(s) to the file protocol
Modern versions of many browsers (e.g. Firefox and Chrome) will refuse to cross from the http(s) protocol to the file protocol to prevent malicious behaviour.
This means a webpage hosted on a website somewhere will never be able to link to files on your hard drive. You'll need to open your webpage locally using the file protocol if you want to do this stuff at all.
Why does it get stuck without file:///?
The first part of a URL is the protocol. A protocol is a few letters, then a colon and two slashes. HTTP:// and FTP:// are valid protocols; C:/ isn't and I'm pretty sure it doesn't even properly resemble one.
C:/ also isn't a valid web address. The browser could assume it's meant to be http://c/ with a blank port specified, but that's going to fail.
Your browser may not assume it's referring to a local file. It has little reason to make that assumption because webpages generally don't try to link to peoples' local files.
So if you want to access local files: tell it to use the file protocol.
Why three slashes?
Because it's part of the File URI scheme. You have the option of specifying a host after the first two slashes. If you skip specifying a host it will just assume you're referring to a file on your own PC. This means file:///C:/etc is a shortcut for file://localhost/C:/etc.
These files will still open in your browser and that is good
Your browser will respond to these files the same way they'd respond to the same file anywhere on the internet. These files will not open in your default file handler (e.g. MS Word or VLC Media Player), and you will not be able to do anything like ask File Explorer to open the file's location.
This is an extremely good thing for your security.
Sites in your browser cannot interact with your operating system very well. If a good site could tell your machine to open lecture.mp4 in VLC.exe, a malicious site could tell it to open virus.bat in CMD.exe. Or it could just tell your machine to run a few Uninstall.exe files or open File Explorer a million times.
This may not be convenient for you, but HTML and browser security weren't really designed for what you're doing. If you want to be able to open lecture.mp4 in VLC.exe consider writing a desktop application instead.
If you are running IIS on your PC you can add the directory that you are trying to reach as a Virtual Directory.
To do this you right-click on your Site in ISS and press "Add Virtual Directory".
Name the virtual folder. Point the virtual folder to your folder location on your local PC.
You also have to supply credentials that has privileges to access the specific folder eg. HOSTNAME\username and password.
After that you can access the file in the virtual folder as any other file on your site.
http://sitename.com/virtual_folder_name/filename.fileextension
By the way, this also works with Chrome that otherwise does not accept the file-protocol file://
Hope this helps someone :)
Janky at best
right click </td>
and then right click, select "copy location" option, and then paste into url.
back to 2017:
use URL.createObjectURL( file ) to create local link to file system that user select;
don't forgot to free memory by using URL.revokeObjectURL()
I've a way and work like this:
<'a href="FOLDER_PATH" target="_explorer.exe">Link Text<'/a>
I'm working on a web page. In chrome, Is there a way to return original path of some file, rather than fake path. I need my page to read the local path which the user selects and that local user path will be sent to back end for some functionality.
Chrome always returns C:/fakepath/text.txt but I need actual path like C:/users/abc/text.txt (original path)
Is there a way to do that by changing some chrome settings ?
You can't, security feature. And because it's a security feature, there's no way around it. disclosing the path could give away personally identifiable information such as the users real name (common account name) or the location of other similar files.
I'd like to have an html file that organizes certain files scattered throughout my hard drive. For example, I have two files that I would link to:
C:\Programs\sort.mw
C:\Videos\lecture.mp4
The problem is that I'd like the links to function as a shortcut to the file. I've tried the following:
Link 1
Link 2
... but the first link does nothing and the second link opens the file in Chrome, not VLC.
My questions are:
Is there a way to adjust my HTML to treat the links as shortcuts to the files?
If there isn't a way to adjust the HTML, are there any other ways to neatly link to files scattered throughout the hard drive?
My computer runs Windows 7 and my web browser is Chrome.
You need to use the file:/// protocol (yes, that's three slashes) if you want to link to local files.
Link 1
Link 2
These will never open the file in your local applications automatically. That's for security reasons which I'll cover in the last section. If it opens, it will only ever open in the browser. If your browser can display the file, it will, otherwise it will probably ask you if you want to download the file.
You cannot cross from http(s) to the file protocol
Modern versions of many browsers (e.g. Firefox and Chrome) will refuse to cross from the http(s) protocol to the file protocol to prevent malicious behaviour.
This means a webpage hosted on a website somewhere will never be able to link to files on your hard drive. You'll need to open your webpage locally using the file protocol if you want to do this stuff at all.
Why does it get stuck without file:///?
The first part of a URL is the protocol. A protocol is a few letters, then a colon and two slashes. HTTP:// and FTP:// are valid protocols; C:/ isn't and I'm pretty sure it doesn't even properly resemble one.
C:/ also isn't a valid web address. The browser could assume it's meant to be http://c/ with a blank port specified, but that's going to fail.
Your browser may not assume it's referring to a local file. It has little reason to make that assumption because webpages generally don't try to link to peoples' local files.
So if you want to access local files: tell it to use the file protocol.
Why three slashes?
Because it's part of the File URI scheme. You have the option of specifying a host after the first two slashes. If you skip specifying a host it will just assume you're referring to a file on your own PC. This means file:///C:/etc is a shortcut for file://localhost/C:/etc.
These files will still open in your browser and that is good
Your browser will respond to these files the same way they'd respond to the same file anywhere on the internet. These files will not open in your default file handler (e.g. MS Word or VLC Media Player), and you will not be able to do anything like ask File Explorer to open the file's location.
This is an extremely good thing for your security.
Sites in your browser cannot interact with your operating system very well. If a good site could tell your machine to open lecture.mp4 in VLC.exe, a malicious site could tell it to open virus.bat in CMD.exe. Or it could just tell your machine to run a few Uninstall.exe files or open File Explorer a million times.
This may not be convenient for you, but HTML and browser security weren't really designed for what you're doing. If you want to be able to open lecture.mp4 in VLC.exe consider writing a desktop application instead.
If you are running IIS on your PC you can add the directory that you are trying to reach as a Virtual Directory.
To do this you right-click on your Site in ISS and press "Add Virtual Directory".
Name the virtual folder. Point the virtual folder to your folder location on your local PC.
You also have to supply credentials that has privileges to access the specific folder eg. HOSTNAME\username and password.
After that you can access the file in the virtual folder as any other file on your site.
http://sitename.com/virtual_folder_name/filename.fileextension
By the way, this also works with Chrome that otherwise does not accept the file-protocol file://
Hope this helps someone :)
Janky at best
right click </td>
and then right click, select "copy location" option, and then paste into url.
back to 2017:
use URL.createObjectURL( file ) to create local link to file system that user select;
don't forgot to free memory by using URL.revokeObjectURL()
I've a way and work like this:
<'a href="FOLDER_PATH" target="_explorer.exe">Link Text<'/a>
In my app I upload a file to the server using HTML5 File API, however I am encountering a situation where a file is not accessible because it is being used by another process. This actually creates two different error conditions in firefox and in chrome. Is there a way to detect if a file is inaccessible using html5?
Have you looked the sample in this link which shows how you can read a file and in case of error you can write proper error handler:
http://www.azoft.com/spotlight/2011/02/02/filesystem-apifile-api.html
About your second questions "if there's an API call to just check if it is readable without actually having to read it locally", I verified that there is no such API to just get the file handle state and verify it. I think it could be because (but i may be wrong):
the web application runs on any box with limited privilege and getting file handle could require SYSTEM level access
The file handle access could be different for different OS (Linux or Windows)