I'm trying to get externally-situated csv data to load up in a script, but this fails I think due to browser same origin policy. I've spotted some relevant looking discussion on working around this using cross-document messaging, but to be honest I don't have a clue how to implement this. Grateful for advice on this or another workaround. The script below should print each data line to the browser console but fails.
<html>
<head>
<meta charset='utf-8'>
<script type="text/javascript" src="scripts/d3.v2.js"></script>
<title>CSV reader</title>
</head>
<body>
<script type="text/javascript">
d3.csv("http://www.quake.utah.edu/EQCENTER/LISTINGS/OTHER/Yell_Q32012TT.csv",
function(parseCoords) {
parseCoords.forEach(function(d) {
console.log(d);
});
});
</script>
</body>
</html>
If you are doing something like writing HTML and Javascript in a code editor on your personal computer, and testing the output in your browser, you will probably get error messages about Cross Origin Requests. Your browser will render HTML and run Javascript, jQuery, angularJs in your browser without needing a server set up. But many web browsers are programed to watch for cross site attacks, and will block requests. You don't want just anyone being able to read your hard drive from your web browser. You can create a fully functioning web page using Notepad++ that will run Javascript, and frameworks like jQuery and angularJs; and test everything just by using the Notepad++ menu item, RUN, LAUNCH IN FIREFOX. That's a nice, easy way to start creating a web page, but when you start creating anything more than layout, css and simple page navigation, you need a local server set up on your machine.
I have seen similar problems linking to a file in the drop box public folders area. (specifically https://dl.dropbox.com/u/101577503/D3-Tips-and-Tricks-Latest.pdf). The first time you click on the link from a web page, the downloading of the pdf fails, then refresh and it works. I don't know why it occurs, but I get the same result when I test your 'http://dl.dropbox.com/u/46043231/data/xy.csv' in Chrome. Is it also possible that even if it works first time that you will be stymied by cross domain limitations?
Question abandoned because it seems unanswerable. Will update if I find a solution at a later date.
Related
I'm hitting a very peculiar difference between the Android browser and a WebView. Namely, I have the following markup:
<script type="text/javascript">
<!--
// some js code...
// -->
</script>
Now, in the browser, this works perfectly fine. However, when loading the markup in the WebView using loadData(markup, "text/html", "utf-8"), the JavaScript code is not executed at all.
Now, if I remove the HTML comment tags (<!-- and -->), it works fine in the WebView as well. However, this is not something that I want to do, because the markup is coming from a web service that I'd rather not change.
Is there something I can do with the WebView to accept this markup?
On the whole, the put-the-JavaScript-in-comments trick appears to be no longer the recommended pattern, and so I'd encourage you to reconsider your plan to keep serving it that way.
You have obviously enabled JavaScript in the WebView, otherwise it would not work when you tried removing the comments. I know of no other setting to tell WebView to to ignore the comment markers.
You're welcome to examine the AOSP Browser code to try to find out what they do, though that code is nasty, brutish, and long. You could patch up the HTML before handing it to the WebView. You could set a particular user agent on the WebView and have your Web service hand back cleaned-up HTML for that user agent, leaving the rest of your Web service clients unaffected. And you can see if you get a response to your bug report, though there's no assurance of getting such a response.
Beyond that, I'm out of ideas.
I am working on an web site which will be packed in an .exe file. So the site will only be used offline. Now i need to parse an local xml document. How can i get the file handle to a local file using html5 file api?
EDIT: I dont want to use <input...> or dragging file into browser.
I'm afraid I may be the bearer of bad news for your design: The action you are requesting expressly violates the security model as specified in the File API spec. The client implementation of FileReader() must make sure that "all files that are being read by FileReader objects have first been selected by the user." (W3C File API , 13. Security Considerations: http://www.w3.org/TR/FileAPI/#security-discussion).
It would be a huge security risk of browser scripts could just arbitrarily open and read any file from a path without any user interaction. No browser manufacturer would allow unfettered access to the entire file system like that.
If your script really needs that XML file, you are going to have to instruct users on how to grant the browser access to it, as every browser will prevent your code from opening it directly without user action.
Well, technically there is indeed a way, but you're going to (hopefully) need to bypass the browser's security settings, and it is inherently unsafe, but no more so than anything else requiring specific file locations.
That said...
<html>
<head>
<script>
function foo(){
//insert desired filereading script here.
}
document.getElementById("fileFoo").click();
</script>
</head>
<body>
<input type="file" id="fileFoo" display="hidden" value="filepath.extension" onclick="foo"/>
</body>
</html>
Naturally, I've kept this vague (and slightly unorthodox) for my reasons, but provided you have the necessary control over the environment, it's completely possible.
I am experiencing the same problem these days. I need the website to display some data each time I launch the webpage. The data need to be adaptive to each launch, automatically, so I don't think #Augusto 's link could solve your question.
After trying out different ways (including writing a temporary local XLM or JSON file), I finally persuade myself that maybe "replacing" the "data" in the html file could be the most straightforward way.
I have a html template, within which there is a string like [data]. Each time when launch the webpage, [data] will be replaced by real data like [1,2,3]. So actually it is the new file that is launched.
You can go to enter link description here to see how the "replace" is done. Good luck.
My asp.net mvc application runs under https and it is working just fine.
The problem is when a user goes to the secure portion of the website they get the warning asking them if they want to view only to content that was delivered securely. If they click yes, then non on the javascript or jquery will work. If they select no, then it all works just fine.
How then can I provide the .js files securely? Or is that totally up to the user?
Also the warning gets very annoying at it shows it on every new page that is navigated to.
thanks!
also, this is only a problem when the user is using IE, Firefox has no issues
twal,
use the following approach and it should fix the issue:
<script type="text/javascript" src="<%= Url.Content("~/Scripts/jqGrid/js/jquery.jqGrid.min.js") %>"></script>
this will then use the approriate path to the file resolving the protocol on it's way.
Make sure you're referencing HTTPS for full URL.
You can often avoid this if they are relative URL as it will normally use the same protocol you are currently on.
Greetings, all! I have hit a bit of a brick wall and was hoping that I could get some help. I'm trying to write a site that people can access with IE6+ that will allow them to click a link that will open a piece of software on their desktop (the run/save dialog is OK) that also contains variables. Thoughts, ideas? It should look something like this:
<html>
<head>App Launcher</head>
<body>
Primary ABCD
</body>
</html>
This is not possible, you will need to use third party application like Flash,Java applets but directly from html this is not allowed in the browser.
but you can create an exe file and tell the user to download it and run it to open the designated application and you can send the parameters that you want through that exe.
You can do this using an ActiveX Control. Once the user grant permission to execute the ActiveX, the .exe file can be executed on the client machine.
Edit:
Here is an example about how to do it:
<SCRIPT Language="JScript">
function runcmd() {
File="http://www.yoursite.com/your_executable.exe";
WSH=new ActiveXObject("WScript.Shell");
WSH.run(File);
}
</SCRIPT>
Run
But note that this will only work under IE. To produce the same effect on Mozilla browsers, Safari and others, just this will work:
Run
Both solutions will prompt the user to choose to run or not the application from the link. You can't force programs to run on the user's machine without his permission because its a security issue.
Hope this works for you =)
this will lead to huge security issues and therefore isn't possible trough plain HTML. You will need a java applet or something similar that where the user gets the choice to accept.
Here's my scenario:
I'm using the WebBrowser control in a WinForms app to display data. The HTML is served via the DocumentText property and I want to use jQuery to interact with the contents. Loading jQuery from the web (Google APIs) works:
actual html inside DocumentText, head block:
<script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
<script type="text/javascript">
// jquery specific functions...
</script>
I want to load the jQuery file from the filesystem, like this:
<script type="text/javascript" src="file:///E:/path/to/jquery.js"></script>
But it fails. I reckon it is blocked by IE's security zone settings (about:blank anyone?). I've tried using MotW but that doesn't work either. How do I do this properly?
You could think about embedding a simple HTTP server into your application running on its own thread. Maybe not be perfect but may just do what you require.
See Embedded .NET HTTP Server or Simple HTTP Server Skeleton in C# as two examples.
Whether this architecture is right for you is another story, but it may just allow you to server static content locally without having to worry about the security restrictions of your control. You may have some firewall issues but I would say this should be minimal as your connections are all over loopback.
Hope this offers something to think about anyway....
Quick fix #49: create temporary html files in Path.GetTempPath() and navigate to them. This way, there are less restrictions, so local resources like scripts are allowed to run. Cleanup on exit.
Bonus: Automatic caching.
Use awesomium1 webbrowser control. It supports jquery on Winforms and WPF. It is free for non-commercial apps. I am planning on recommending it for some of my employers legacy apps which cause headaches with IE8 support.