使用 Javascript 获取完整文件路径的最简单方法
这已经被问过很多次了:我需要通过网页获取完整的文件路径。用例是与浏览器在同一台计算机上运行的应用程序(即应用程序启动本地 HTTP 服务器并启动浏览器。)文件路径现在当然有效并且对于客户端/服务器而言是相同的。用例是用户选择一个文件,然后服务器进程对其进行一些计算,并且输入文件通常很大(读取:大小为几个 GiB)。
最简单的事情是使用 直接访问路径,但是出于安全原因,此功能被禁用。我现在正在寻找对这个问题影响最小的解决方法。有问题的目标浏览器是 Chrome。如果用户必须在某些安全警告上单击“接受”一次,我没问题,只要我能确保它不会再次出现。
我是否必须编写一个扩展,NSPlugin,我可以使用一些特殊的标题魔术将我的页面标记为“本地”,我可以设置一些安全设置吗?客户要做的越少越好,我更喜欢一些“单击此处允许访问......”的解决方案。我可以直接从服务器进程安装一个扩展来执行此操作(在用户单击“接受”之后?)
是否可以使用 Java 小程序/Flash 来执行此操作?这将是最简单的解决方案,并且保证客户安装了 Flash(因为它捆绑在 Chrome 中......)
This has been asked a lot of times already: I need to get the full file path via a web-page. The use case is an application running on the same machine as the browser (i.e. the application starts a local HTTP server and fires up the browser.) File-paths are of course valid and the same for both client/server now. The use case it that the user selects a file and then the server process does some computation on it, and the input files are typically large (read: several GiB in size.)
The easiest thing would be to directly access the path using , but for security reasons, this is disabled. I'm looking now for the least intrusive workaround to this problem. The target browser in question is Chrome. I'm fine if the user has to click "accept" once on some security warning, as long as I can ensure that it won't appear again.
Do I have to write an extension, NSPlugin, can I use some special header magic to mark my page as "local", is there some security setting I can set? The less the client has to do the better, and I would prefer some "click here to allow access ..." solution above everything else. Can I directly install an extension from the server process that would do this (after the user clicks accept?)
Is it possible to do this with a Java applet/Flash? That would be the easiest solution, and clients are guaranteed to have Flash installed (as it is bundled in Chrome...)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您可以为此类任务创建 Java 小程序并对其进行自签名。用户必须允许它运行,但随后您将能够访问小程序的函数,该函数将通过 Javascript 返回文件路径字符串。
You can create Java applet for tasks like this and self-sign it. User will have to allow it to run, but then you will be able to access applet's function that will return file path string via Javascript.
显然,JavaScript 禁止客户端系统上的文件 io。如果不是这种情况,那么破解每个访问您网站的网络浏览器绝对是微不足道的。
《Battlefield 3》是通过浏览器控制的。为此,EA 为排名前三的浏览器编写了一个浏览器扩展。但这是资源密集型的。如果您只关心 chrome,则可以使用插件,为此我建议使用 NPAPI 。
正如 MOleYArd 所说,Java 是一个很好的解决方案,并且可能比扩展或插件更常见。
Clearly file io on the client's system is forbidden from JavaScript. If this wasn't the case it would be absolutely trivial to hack every web browser that visits your website.
Battlefiled 3 is controlled though the browser. To do this EA wrote a browser extension for the top three browsers. But that's resource intensive. If you just care about chrome you can use an addon, and for that i suggest using the NPAPI.
And as MOleYArd said, Java is a good solution and probably more common than an extension or addon.