I want to launch a local exe-file (without saving it to another location first) upon clicking on a link on a local html file.
It either needs to work in IE, Firefox, Chrome or Opera, I don't care. It's just for a presentation tomorrow.
It's simply not possible. If it was, it would be considered a security flaw and fixed. On Firefox within hours, on IE within some months.
UPDATE: You could try registering your custom protocol: http://openwinforms.com/run_exe_from_javascript.html
But I believe the browser will still prompt you whether you want to run the app.
I want to share my experience.
The accepted response says that it is not possible but it is quite possible indirectly.
If you want to execute an exe on a pc, it means that you have acces on this pc and you can install your exe on that machine.
In my case, I had to take a 3D scan from a 3D scanner via a web application. It seemed impossible at the beginning.
After lots of research, I found that we can send socket messages via javascript.
It means that if we had an application which listens a specific port, it can communicate with a website.
Let's explain how I did this.
In my web application, I created a javascript method like this :
function openCapron3DScanner(foot) {
$("#div-wait").show();
//Creates a web socket pointed to local and the port 21000
var ws = new WebSocket("ws://127.0.0.1:21000");
ws.onopen = function () {
//Sends the socket message to the application which listens the port 21000
ws.send(foot + "-" + #ProjectHelper.CurrentProject.Proj_ID);
};
ws.onerror = function myfunction() {
$("#div-wait").hide();
alert("Erreur connection scanner.");
}
ws.onmessage = function (evt) {
//Receives the message and do something...
var received_msg = evt.data;
if (received_msg == "ErrorScan") {
alert("Erreur scan.");
}
else {
refreshCurrentProject();
}
};
ws.onclose = function () {
$("#div-wait").hide();
};
};
And I created a windows forms application who listens the localhost and port 21000.
This application is hidden, only shown in icon tray.
The only thing to do is to add the application on windows startup via code on the first load to assure that the next restart of windows it will be executed and listen the port.
private static WebSocketServer wsServer;
static WebSocketSession LastSession;
private void Form1_Load(object sender, EventArgs e)
{
wsServer = new WebSocketServer();
int port = 21000;
wsServer.Setup(port);
wsServer.NewMessageReceived += WsServer_NewMessageReceived;
wsServer.Start();
}
private static void WsServer_NewMessageReceived(WebSocketSession session, string value)
{
if (value.StartsWith("ScanComplete-"))
{
//If the scan is ok, uploads the result to the server via a webservice and updates the database.
UploadImage(value);
//Sends a confirmation answer to the web page to make it refresh itself and show the result.
if (LastMacSession != null)
LastMacSession.Send("ScanComplete");
}
else if (value == "ErrorScan")
{
//If the C++ application sends an error message
if (LastMacSession != null)
LastMacSession.Send("ErrorScan");
}
else//call the 3D Scanner from the web page
{
LastSession = session;//Keeps in memory the last session to be able to answer via a socket message
//Calls the C++ exe with parameters to save the scan in the related folder.
//In could be don in this same application if I had a solution to consume the scanner in C#.
var proc = System.Diagnostics.Process.Start(#"C:\Program Files\MyProjectFolder\MyScannerAppC++.exe", projectID + " " + param);
}
}
I hope it will help.
Use System.Diagnostics.Process.Start() method.
protected void LinkButton1_Click(object sender, EventArgs e)
{
System.Diagnostics.Process.Start("notepad.exe");
}
You'll have to use C#, but since that's on your post, it should work. You'll also need the full path, if the file is not in your environment path that's loaded in memory.
For a 'regular link' you'd still need to place this in an ASPX page.....
Click me
We're getting really fugly now though.
You can't run an exe file on a website. (First, if it's a Linux server, exe files won't run on it and second, if you're on a Windows server, your host would kill the program immediately. And probably terminate your account.)
That link (assuming it was Play Now!) will just allow your user to download the file. (C:\Program Files\World of Warcraft\ exists on your computer, but it doesn't exist on the web server.)
You could setup a custom protocol on your local OS, if it's Windows, in regedit.
Check out this and this.
Then you create a simple HTML page, and place a link, something like this :
Start!
Given that you registered your custom "presentation" protocol, and configured it correctly in the registry, the application should launch when you click that link.
Related
I am trying to send a live stream from FMLE to a CDN, but passing through our FMS (installed locally); so the chain I have is:
FMLE => FMS => CDN
Now, publishing to the CDN is username/password protected. If I try to connect directly from FMLE to the CDN, FMLE opens a layer asking for credentials to "Connect to FMS" - I fill the form with username and password provided by the CDN, click on OK, and everithing works fine.
The problem comes when introducing the FMS: I created a simple application in FMS to republish the stream (simplified code below), and it works fine for CDN that don't ask for username/password, but I'm not able to figure out how to send credentials from the FMS application to the CDN.
Here the code I'm using (it's simplified, I'm putting here only the core code):
application.onPublish = function (oClient, oStream)
{
application.nc = new NetConnection (); // Creating new NetConnection
application.nc.connect (FMS_url); // Connecting to CDN
application.ns = new NetStream (application.nc); // Creating new NetStream
application.ns.setBufferTime (1); // Setting buffer time
application.ns.attach (oStream); // Attaching incoming streaming
application.ns.publish ("stream_name", "live"); // Publishing
}
More info:
We do need to pass through FMS, so "why don't you stream directly to the CDN ?" is not an option :-)
FMS URL and credentials are correct, it's not any typing error :-(
After application.nc.connect(), the onStatus event is fired with NetConnection.Connect.Success, but inmediately after that it is fired again with NetConnection.Connect.Closed (without any other info).
Following suggestions found on the web, I tryed things like
application.nc.connect (FMS_url);
or
application.nc.connect (FMS_url + "?username&password");
or adding
application.nc.addHeader ("Credentials", false, { userid: "username", password: "password" });
... but nothing seems to work, the result is always the same.
Any suggestion ? :-) Thank you in advance, best regards
I have an Adobe Air desktop app that was used for an event recently that thousands of people used simultaneously started getting failed network checks when using google.com as a polling URL. Having each app checking every 3 seconds to that URL, about 10 minutes into the event every app started being redirected to a validation page on Google asking the user to prove they aren't a robot which obviously they couldn't see and therefore all users were told they had no internet. I am already using Akamai's Advanced Streaming plugin (which is based on OSMF [which uses NetStream]) for the video streaming. Is there a better way to check for a network connection (preferably just using the existing NetStream object).
Here is the existing code for the network monitor:
public function checkNetwork(url:String):void {
var urlRequest:URLRequest = new URLRequest(url);
urlRequest.method = "GET";
urlMonitor = new URLMonitor(urlRequest);
urlMonitor.addEventListener(StatusEvent.STATUS,onStatusChange);
urlMonitor.pollInterval = 3000;
urlMonitor.start();
}
private function onStatusChange(event:StatusEvent):void {
if(urlMonitor.available) {
isNetworkDown = false;
dispatchEvent(new Event("NetworkManager.NETWORK_UP"));
}
else {
isNetworkDown = true;
dispatchEvent(new Event("NetworkManager.NETWORK_DOWN"));
}
}
I don't think polling a remote URL is the best way to check for internet connectivity (At least every 3 seconds). AIR has the ability to check the network itself like so:
air.NativeApplication.nativeApplication.addEventListener(air.Event.NETWORK_CHANGE, onNetworkChange);
function onNetworkChange(event)
{
//Check resource availability
}
The Event.NETWORK_CHANGE event does not indicate a change in all
network activity, but only that a network connection has changed. AIR
does not attempt to interpret the meaning of the network change.
http://help.adobe.com/en_US/AIR/1.5/devappshtml/WS5b3ccc516d4fbf351e63e3d118666ade46-7fcc.html
With that said, I would put your polling request inside the onNetworkChange event that way it checks only when necessary.
I have a windows service. In the OnStart method, I am performing some operation and if one of the operation fails, I want service to stop. In the Catch block I am writing below mentioned code:
var srvc = new System.ServiceProcess.ServiceController("Scv1", "localhost");
srvc.Stop();
srvc.WaitForStatus(System.ServiceProcess.ServiceControllerStatus.Stopped);
It does the job well but windows shows me a messagebox:
---------------------------
Services
---------------------------
The xxx service on Local Computer started and then stopped. Some services stop automatically if they are not in use by other services or programs.
---------------------------
OK
---------------------------
Am I doing something wrong here? How do I suppress the messagebox?
I created a basic test service in C#, installed it on Windows 7, and then tried to start it.
using System.ServiceProcess;
public class MyService : ServiceBase
{
static void Main()
{
System.ServiceProcess.ServiceBase.Run( new MyService() );
}
protected override void OnStart( string[] args )
{
bool failed = true;
// Do stuff...
// Oops, we failed! Time to stop!
if( failed ) {
base.Stop();
return;
}
base.OnStart( args );
}
}
When it fails, yes, I do see the message box that you describe. This message box is not part of your service -- the Services window is showing that. If you were to open an administrator command prompt and type the following:
net start Scv1
Then you would see a text-based error message instead of a message box.
In either case, you are running a program that asks the SCM to start your service. Your service failed to start. That failure is reported back to the program. The program has decided to display an error message to inform the user. That is beyond your control.
You can actually check the event handler. It will intimate you the mistake you have done in the configuration file. Some syntax error in the configuration file will be the reason for this kind of message box.
I have designed an Applet to take a screenshot and save it on the users computer using the java.awt.Robot class. I need to embedd this applet into an html page (using the object tag) so that when the user clicks a button on the webpage the screenshot is taken.
The applet itself works fine, i've tested it by adding a temporary main method to it and running it on my local machine as a regular java app.
Where I'm having difficulty is setting up permissions to allow it to run from its embedded location. Obviously the robot class is somewhat hazardous so an AWTPermission needs to be established and the applet itself needs to be signed.
I followed through the tutorial at http://download.oracle.com/javase/tutorial/security/toolsign/index.html and succeeded in creating a signed .jar file and then a policy file that allowed the demo application in that tutorial to run. Where I am now running into issues is how to reconcile what I've learned with the situation my applet will be used in.
My target audience comprises around 100 machines and I need it to be executable on all of them. I have packed my java .class file into a .jar and signed it using keytool and jarsigner. I then uploaded the .jar and .cer files to the server directory where the pages in question are hosted.
However: When I then used policytool to create a new policy file on one of the machines to test the setup I am still unable to execute the applet from the HTML. I get Java.Security.AccessControlException Acess Denied java.awt.AWTPermission createRobot errors.
I rather suspect its the policy step that is going awry, so I'll outline the steps I took:
I download the certificate to the local machine and generate a keystore from it, I launch 'policytool' from this directory through the commandline
I add the directory on the local machine where the keystore generated from and my certificate is located.
I then hit the add policy button and enter the SignedBy alias
Then Add Permissions and select AWTPermission
Targets name I select createRobot
The function field I have been leaving blank as I cant think what would apply here
Signed By in this window is also left blank
I then hit 'OK' and 'Done' and get a warning that there is no public key for the alias I've entered in the first step. I do a 'save as' and save my policyfile to the same directory as I put the certificate and the keystore generated from it.
This is not allowing me to run the applet from the webpage however and my limited understanding of this aspect of programming offers no clues as to what has gone wrong.
Ideas, thoughts, observations? If I havent explicitly mentioned something then I havent done it. My biggest suspect is the warning I recieve but I cant seem to find why its appearing
EDIT: Forgot to mention a step. I manually added to my jre\lib\security\java.security file the line 'policy.url.3=file:/C:/Testing/debugpolicy' since thats the path and policy filename I created during the above steps. I also just now managed to remove the warning I mentioned earlier, I'd been mixing up my alias' and gave the alias for the private keystore rather than the public one during policyfile creation, however I still encounter the same problems
If an applet is correctly signed, no policy file is required, nor is it required to separately upload any certificate. A correctly signed applet will prompt the user for permission when the applet is visited, before it loads. Does the prompt appear?
Here is a small demo. I wrote that demonstrates Defensive loading of trusted applets. That is the security prompt I am referring to.
If the applet is both digitally signed by the developer and trusted by the end user, it should be able to take a screen-shot.
There is one other thing you might try if the applet is trusted, just as an experiment (1). Early in the applet init(), call System.setSecurityManager(null). That will both test if the applet has trust, and wipe away the last remnants of the 'trusted' security manager given to applets.
And in the case that works, and it makes the screen capture successful, it suggests either a bug or Oracle changed their mind about the defaults of what a trusted applet could do.
1) Don't do this in a real world or production environment. To quote Tom Hawtin:
This question appears to have given some the impression that calling System.setSecurityManager(null); is okay. ... In case anyone has any doubts, changing global state in an applet will affect all applets in the same process. Clearing the security manager will allow any unsigned applet to do what it likes. Please don't sign code that plays with global state with a certificate you expect anyone to trust.
Edit 1:
Here is the source of the simple applet used in that demo. For some reason when I originally uploaded it, I decided the source was not relevant. OTOH 3 people have now asked to see the source, for one reason or another. When I get a round tuit I'll upload the source to my site. In the mean time, I'll put it here.
package org.pscode.eg.docload;
import java.awt.*;
import java.awt.event.*;
import javax.swing.*;
import java.net.*;
import java.io.*;
import java.security.*;
/** An applet to display documents that are JEditorPane compatible. */
public class DocumentLoader extends JApplet {
JEditorPane document;
#Override
public void init() {
System.out.println("init()");
JPanel main = new JPanel();
main.setLayout( new BorderLayout() );
getContentPane().add(main);
try {
// It might seem odd that a sandboxed applet can /instantiate/
// a File object, but until it goes to do anything with it, the
// JVM considers it 'OK'. Until we go to do anything with a
// 'File' object, it is really just a filename.
File f = new File(".");
// set up the green 'sandboxed page', as a precaution..
URL sandboxed = new URL(getDocumentBase(), "sandbox.html");
document = new JEditorPane(sandboxed);
main.add( new JScrollPane(document), BorderLayout.CENTER );
// Everything above here is possible for a sandboxed applet
// *test* if this applet is sandboxed
final JFileChooser jfc =
new JFileChooser(f); // invokes security check
jfc.setFileSelectionMode(JFileChooser.FILES_ONLY);
jfc.setMultiSelectionEnabled(false);
JButton button = new JButton("Load Document");
button.addActionListener( new ActionListener(){
public void actionPerformed(ActionEvent ae) {
int result = jfc.showOpenDialog(
DocumentLoader.this);
if ( result==JFileChooser.APPROVE_OPTION ) {
File temp = jfc.getSelectedFile();
try {
URL page = temp.toURI().toURL();
document.setPage( page );
} catch(Exception e) {
e.printStackTrace();
}
}
}
} );
main.add( button, BorderLayout.SOUTH );
// the applet is trusted, change to the red 'welcome page'
URL trusted = new URL(getDocumentBase(), "trusted.html");
document.setPage(trusted);
} catch (MalformedURLException murle) {
murle.printStackTrace();
} catch (IOException ioe) {
ioe.printStackTrace();
} catch (AccessControlException ace) {
ace.printStackTrace();
}
}
#Override
public void start() {
System.out.println("start()");
}
#Override
public void stop() {
System.out.println("stop()");
}
#Override
public void destroy() {
System.out.println("destroy()");
}
}
I need to let users of an application open a folder by clicking a link inside a web page. The path of the folder is on the network and can be accessed from everywhere. I'm probably sure there is no easy way to do this, but maybe I'm mistaken?
Do you want to open a shared folder in Windows Explorer? You need to use a file: link, but there are caveats:
Internet Explorer will work if the link is a converted UNC path (file://server/share/folder/).
Firefox will work if the link is in its own mangled form using five slashes (file://///server/share/folder) and the user has disabled the security restriction on file: links in a page served over HTTP. Thankfully IE also accepts the mangled link form.
Opera, Safari and Chrome can not be convinced to open a file: link in a page served over HTTP.
The URL file://[servername]/[sharename] should open an explorer window to the shared folder on the network.
Using file:///// just doesn't work if security settings are set to even a moderate level.
If you just want users to be able to download/view files* located on a network or share you can set up a Virtual Directory in IIS. On the Properties tab make sure the "A share located on another computer" is selected and the "Connect as..." is an account that can see the network location.
Link to the virtual directory from your webpage (e.g. http://yoursite/yourvirtualdir/) and this will open up a view of the directory in the web browser.
*You can allow write permissions on the virtual directory to allow users to add files but not tried it and assume network permissions would override this setting.
A bit late to the party, but I had to solve this for myself recently, though slightly different, it might still help someone with similar circumstances to my own.
I'm using xampp on a laptop to run a purely local website app on windows. (A very specific environment I know). In this instance, I use a html link to a php file and run:
shell_exec('cd C:\path\to\file');
shell_exec('start .');
This opens a local Windows explorer window.
make sure your folder permissions are set so that a directory listing is allowed then just point your anchor to that folder using chmod 701 (that might be risky though)
for example
<a href="./downloads/folder_i_want_to_display/" >Go to downloads page</a>
make sure that you have no index.html any index file on that directory
What I resolved doing is installing a local web service on every person's computer that listens on port 9999 for example and opens a directory locally when told to. My example node.js express app:
import { createServer, Server } from "http";
// server
import express from "express";
import cors from "cors";
import bodyParser from "body-parser";
// other
import util from 'util';
const exec = util.promisify(require('child_process').exec);
export class EdsHelper {
debug: boolean = true;
port: number = 9999
app: express.Application;
server: Server;
constructor() {
// create app
this.app = express();
this.app.use(cors());
this.app.use(bodyParser.json());
this.app.use(bodyParser.urlencoded({
extended: true
}));
// create server
this.server = createServer(this.app);
// setup server
this.setup_routes();
this.listen();
console.info("server initialized");
}
private setup_routes(): void {
this.app.post("/open_dir", async (req: any, res: any) => {
try {
if (this.debug) {
console.debug("open_dir");
}
// get path
// C:\Users\ADunsmoor\Documents
const path: string = req.body.path;
// execute command
const { stdout, stderr } = await exec(`start "" "${path}"`, {
// detached: true,
// stdio: "ignore",
//windowsHide: true, // causes directory not to open sometimes?
});
if (stderr) {
throw stderr;
} else {
// return OK
res.status(200).send({});
}
} catch (error) {
console.error("open_dir >> error = " + error);
res.status(500).send(error);
}
});
}
private listen(): void {
this.server.listen(this.port, () => {
console.info("Running server on port " + this.port.toString());
});
}
public getApp(): express.Application {
return this.app;
}
}
It is important to run this service as the local user and not as administrator, the directory may never open otherwise.
Make a POST request from your web app to localhost: http://localhost:9999/open_dir, data: { "path": "C:\Users\ADunsmoor\Documents" }.
Does not work in Chrome, but this other answers suggests a solution via a plugin:
Can Google Chrome open local links?
You can also copy the link address and paste it in a new window to get around the security. This works in chrome and firefox but you may have to add slashes in firefox.
Hope it will help someone someday. I was making a small POC and came across this.
A button, onClick display contents of the folder. Below is the HTML,
<input type=button onClick="parent.location='file:///C:/Users/' " value='Users'>
I was looking for File System Access API and ended up in this question.
I know that API doesn't allow one to open an html link to a folder, but it does allow for opening local folders and files. For more information, take a look here:
https://web.dev/file-system-access/