andrewaiello
asked on
Bypassing Local File Security allowing javascript to read in a file
Hello All,
I have an html file using javascript to read in a file: this does not work when I browse locally to the file because of security Issues. The error that I get is as follows:
--------
Error: WeekLunchStart is not defined
Source File: file:///C:/lcd/testSchedul
Line: 85
--------
Now, this WeekLunchStart variable is defined in a text file that is read in with the javascript:
getFile('testValues.txt');
-------------------------
function getFile(pURL) {
if (window.XMLHttpRequest) { // code for Mozilla, Safari, etc
xmlhttp=new XMLHttpRequest();
xmlhttp.onreadystatechange
xmlhttp.open("GET", pURL, true);
xmlhttp.send(null);
} else if (window.ActiveXObject) { //IE
xmlhttp=new ActiveXObject('Microsoft.X
if (xmlhttp) {
xmlhttp.onreadystatechange
xmlhttp.open('GET', pURL, true);
xmlhttp.send();
}
}
}
// function to handle asynchronous call
function postFileReady() {
if (xmlhttp.readyState==4) {
if (xmlhttp.status==200) {
eval(xmlhttp.responseText)
document.getElementById('t
}
}
}
------------------
I tried overriding the security issue with: https://addons.mozilla.org/en-US/firefox/addon/281
as well as modifying the user.js firefox preference file to try to allow it:
in my profiles folder at: C:\Documents and Settings\Administrator\App
user_pref("capability.poli
user_pref("capability.poli
user_pref("capability.poli
It still doesn't work; did I do something incorrect? I need to have this working by the end of the day or its my head. Please help; and thank you!
I have an html file using javascript to read in a file: this does not work when I browse locally to the file because of security Issues. The error that I get is as follows:
--------
Error: WeekLunchStart is not defined
Source File: file:///C:/lcd/testSchedul
Line: 85
--------
Now, this WeekLunchStart variable is defined in a text file that is read in with the javascript:
getFile('testValues.txt');
-------------------------
function getFile(pURL) {
if (window.XMLHttpRequest) { // code for Mozilla, Safari, etc
xmlhttp=new XMLHttpRequest();
xmlhttp.onreadystatechange
xmlhttp.open("GET", pURL, true);
xmlhttp.send(null);
} else if (window.ActiveXObject) { //IE
xmlhttp=new ActiveXObject('Microsoft.X
if (xmlhttp) {
xmlhttp.onreadystatechange
xmlhttp.open('GET', pURL, true);
xmlhttp.send();
}
}
}
// function to handle asynchronous call
function postFileReady() {
if (xmlhttp.readyState==4) {
if (xmlhttp.status==200) {
eval(xmlhttp.responseText)
document.getElementById('t
}
}
}
------------------
I tried overriding the security issue with: https://addons.mozilla.org/en-US/firefox/addon/281
as well as modifying the user.js firefox preference file to try to allow it:
in my profiles folder at: C:\Documents and Settings\Administrator\App
user_pref("capability.poli
user_pref("capability.poli
user_pref("capability.poli
It still doesn't work; did I do something incorrect? I need to have this working by the end of the day or its my head. Please help; and thank you!
ASKER
no: the file: file:///C:/lcd/testSchedul
This works for me:
<html>
<head>
<title>Zvonko *</title>
<script>
window.onload = function(){
getFile('testValues.txt');
}
function getFile(fileName){
window.frames.textFrame.lo
}
function postFileReady(){
if(window.frames.textFrame
var responseText = window.frames.textFrame.do
responseText = responseText.replace(/<[^>
document.getElementById('t
eval(responseText);
alert(WeekLunchStart);
}
}
</script>
</head>
<body>
<iframe name="textFrame" onLoad="postFileReady()" height="0" width="0" ></iframe>
<div id="theExample"></div>
</body>
</html>
<html>
<head>
<title>Zvonko *</title>
<script>
window.onload = function(){
getFile('testValues.txt');
}
function getFile(fileName){
window.frames.textFrame.lo
}
function postFileReady(){
if(window.frames.textFrame
var responseText = window.frames.textFrame.do
responseText = responseText.replace(/<[^>
document.getElementById('t
eval(responseText);
alert(WeekLunchStart);
}
}
</script>
</head>
<body>
<iframe name="textFrame" onLoad="postFileReady()" height="0" width="0" ></iframe>
<div id="theExample"></div>
</body>
</html>
ASKER
Hmm; this seems to work around the security issues... but I think I am having a problem integrating it into my file because it needs to keep being called on a timer.
I am trying to get it working myself; but if you can could you take a look at the source of this page: https://ssl117.alentus.com/jkingsweb/gbt/PaxTest/TestLocal/testSchedule.html
And see if you can help me integrate your code into mine (i tried just swaping the two functions but that didn't work). I'll work on it myself too; but if you could help I'd be super in your debt; I need this working in an hour or I am dead!! Thanks!!!
I am trying to get it working myself; but if you can could you take a look at the source of this page: https://ssl117.alentus.com/jkingsweb/gbt/PaxTest/TestLocal/testSchedule.html
And see if you can help me integrate your code into mine (i tried just swaping the two functions but that didn't work). I'll work on it myself too; but if you could help I'd be super in your debt; I need this working in an hour or I am dead!! Thanks!!!
ASKER
Also note that in my file i dont need to display the values that are read in; they are used for further javascript calculations.
ASKER
I think the thing that is messing me up with trying to integrate it is the Asynchronous calling of the postFileReady Function that needs to happen in my code.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Can you send me your phone number to the email address in my profile?
ASKER
Hmm, its weird; that worked the first few times I tried it; but now its not redirecting anymore.
ASKER
Want my phone #? Gonna call me and tell me what a bad programmer I am, lol ?
I do not see what you are doing. On your site I see still the same old errors.
ASKER
Oh weird: it only works if this is not commented out:
<div id="txt"></div>
<div id="theExample">Loading...
I guess i'll just have to make that invisible or something if I dont want the text to show up for that brief second.
<div id="txt"></div>
<div id="theExample">Loading...
I guess i'll just have to make that invisible or something if I dont want the text to show up for that brief second.
ASKER
Its okay; it works. All i needed was to make the page redirect to another page based on what time it was and the values in that text file. It now does this. Thank you so much; you really saved my hide!!!
:-)
Is your page also local, then it will work. From web server page it will never work.