I'm developing a HTML5/.net POC in which I have a local HTML5 webapp shown inside a .net (C#) WebBrowser control.
The page is developed in asp.net MVC, downloaded as a single .htm file (using Chrome's SingleFile extension) and saved in a DB (or stored in a filesystem, doesn't matter), loaded and shown inside a .net webbrowser control.
[almost] Everything works: the page is rendered correctly, i can invoke js functions from C#, etc.
But now I have to show some pdf inline inside the page. The pdf is not served from a remote server (there's no server at all), but will be loaded from the filesystem (e.g. a temp file). The idea I have is to make a js function like showPdf(path, pageNum) in the html5 app and call it from .net.
The problem is that it looks there's no way (at least I couldn't find it) to load local pdf, both using Mozilla's pdf.js or html tags, I get "Not allowed to load local resource" in Chrome console/"Access denied" alert in IE.
Is there some kind of component I can try/option I can set to allow the browser to load local pdfs?
The WebBrowser component uses IE to render the page, so maybe some kind of IE option/key registry I can change (the machines that will eventually use this webapp are known, we can configure them as we want)?.
You could try a traditional anchor element (<a href="file:...">) and then enable the File Protocol Navigation feature control for your app. (And, though it may seem obvious, it's probably worth confirming that IE feature controls do not to enable functionality in other browsers.)
I don't know that this would work, but it seems like a possible solution given the question.
Note that accessing file objects may permission to access local file system objects may be disabled by other policies or security measures. More info/research may be needed.
Hope this helps...
-- Lance
I forgot to write here how I solved it:
well, it was a webapp shown inside a WinForm WebBrowser control, so I used this article to call a C# method from JS. The C# method used the default OS pdf reader to show the pdf inside the form.
Related
What CoInternetSetFeatureEnabled feature are required to access local files over ajax in Forms WebBrowser component (W10, mshtml v11, Trident)? Assuming Localmachine_Lockdown is 0 and JS is working, but jQuery AJAX fails with IE error 2147024891 "Access Denied". Desired behaviour: like Chrome with "--allow-file-access-from-files" flag. CefSharp & Co are no option, unfortunatelly.
Use case: imagine a large JS-App (AMD modules, JSON-configs, etc) you want to put in your WF application, local security policy prohibits using of a simple web server and there is no way to install a web server somewhere in the local network, no Internet connection available. Yup, that's bad.
Thanks!
I did not manage to find anything that would allow JS access local files in WinForms WebBrowser under Windows10 (and I have tried everything).
So, I have eliminated the problem itself - I have bundled my JS-App into 3 files (html, css and js) so that it doesn't need to load modules anymore. All JSON-configs and language files are moved into WCF Services and accessed just like all other data requests (through a method binded to windows.external with "ObjectForScripting"). From now on the App is working same way it does on a web server.
I am developing a tab pane app in Excel which needs to read the current document. In Word, the Office JavaScript API has the method Office.context.document.getFileAsync(), but this is not available in Excel.
I can get the URL of the document with Office.context.document.getFileProperties(), and then I thought I could read the file with this.
I tried using the HTML5 FileReader() object, but this only works for files selected from the file input control. I tried manipulating a hidden file input control so it automatically uses the current document, but JavaScript understandably prevents you from doing this for security reasons. I could ask the user to browse to the document they are currently using but that would be a poor user experience.
So I tried using ActiveXObject('Scripting.FileSystemObject') but ActiveX is not allowed in tab pane apps at all, whatever the current security setting are in IE.
What other options do I have?
According to the API road map, Office.context.document.getFileAsync() is not available in Excel at this moment.
I don't think it's feasible by using getFilePropertiesAsync(). It only returns the URL. Usually browser forbids developer touching any content in the file system. Therefore, it's hard to access the local file system in JavaScript code.
Besides, the file may not be in local file system. For example, it could be hosted in Onedrive or SharePoint. getFilePropertiesAsync() should return its real URL in Onedrive/SharePoint, instead of local file system.
I guess Microsoft will support getFileAsync() in the future.
I currently have a web app that uses ActiveX / JScript to read files and to read the registry for a web page. Originally when designing the page, it was supposed to be on a site that only supported IE...then things changed and it is no longer that way. My question:
HTML5 is able to read files. Is there any way to read registry entries outside of ActiveX and internet explorer using javascript/html? I'm trying to avoid having to port the entire applet over to use Java, but that may be my best method.
The page makes no modifications, it only reads text files and registry entries.
It is not possible without a third party plugin.
I'm writing an intranet page for my company that requires the use of an embedded dll (COM). The dll is registered on all clients computers so it doesn't need to be downloaded from the page, it just needs to run.
I've tried using the following code to embed the control:
var newObj = new ActiveXObject("servername.classname");
And this works when testing locally, but from the intranet the object fails to instantiate with the js error "automation server can't create object". I suspect this is because IE(7) blocks ActiveX controls by default in the intranet zone. I've also tried using the <object> tag with no luck.
I have a deadline to get this finished and it's unlikely that the IT dept will get around to changing the company security settings before then, so unless its very straightforward for them to do it's not really an option.
So my question is: Is there any possible workaround that will allow me to embed the control so that it will at least prompt the user instead of silently blocking the control, without changing the default security settings in IE?
Almost everyone in the company uses some version of IE (up to 7), so it only needs to work for this.
All help and comments appreciated.
Thanks.
Update:
If this absolutely isn't possible, I'm looking at using the dll from a script on the server in this question. I'd still rather do it client side though because the control has some nice user interfaces available.
if you embed it with an <object> tag it should prompt you regardless; you could then make calls on it through the object tag. another trick which may work is to put: <!-- saved from url=(0013)about:internet --> as the first line of your html file; I don't know if this will work on the intranet zone, but from localhost that will cause the page to be treated as though it were an internet page.
I have used FireBreath plugins (which act as activex controls and can be called in the way you describe) and have never had an issue like this. Good luck!
I'm trying to execute a function like window.alert for example, from actionscript, when both the html file and the swf file are using the file: protocol.
Does anyone know of someway to do this?
without changing global flash security settings
It looks like it's not possible after reading Controlling access to scripts in a host web page.
For SWF files running locally, calls to these APIs are successful only if the SWF file and the containing web page (if there is one) are in the local-trusted security sandbox. Calls to these methods fail if the content is in the local-with-networking or local-with-filesystem sandbox.
Then this page on local sandboxes basically says that won't work unless the swf is in a "local-trusted sandbox" which a user or installer would need to put it in.
This blog post about the "local-with-filesystem sandbox" says:
First, I think the documentation here is a bit too generous. SWFs loaded from the local file system do face some restrictions. The most relevant restrictions are probably:
The SWF cannot make a call to JavaScript (or vbscript), either through URL or ExternalInterface
The SWF cannot call a HTTP or HTTPS request.
Querystring parameters (ex. Blah.php?querystring=qs-value) are stripped and will not be passed (even for requests to local files)
There is a document "Controlling access to scripts in a host web page" that describes the various ways and restrictions on allowing Flash content to interact with Javascript.
According to the doc, as long as your embed tag contains AllowScriptAccess set to "always" you should be fine regardless of where the page is loaded from.
You need to update the Flash Player settings so that your file path is listed as a "trusted location." You will then be able to use External Interface and other JS communication methods.
Also, you can't pass default JS functions from AS using External Interface (like alert). You need to write custom functions...
ActionScript:
import flash.external.ExternalInterface;
ExternalInterface.call("alertFromFlash", 'hello');
JavaScript:
function alertFromFlash(str) {
alert(str);
}
Alternatively, if you're distributing this to a customer. It can be difficult to explain how to change Flash Player settings, so you can instead run a server from a CD, which bypassing the need for security settings. I've had good luck with the Flying Ant server in the past.