Execute a Application On The Server Using JavaScript - javascript

I have an application on my server that is called leaf.exe, that haves two arguments needed to run, they are: inputfile and outputfile, that will be like this example:
pnote.exe input.pnt output.txt
They are all on the same directory as my home page file(the executable and the input file). But I need that a JavaScript could run the application like that, then I want to know how could I do this.
I'm using just Apache, I don't have any language for web installed on it. My goal is to do a site using just JavaScript, without the help of anyother language than it, HTML and CSS.

You would need to make an Ajax request to the server - the server would then have a handler that would then invoke the executable with the appropriate parameters.
Without know which web server technology you are using, it's harder to give a more concrete answer (ex: ASP.NET, PHP, Ruby, etc).
EDIT: If you're talking about doing this without any kind of server side resources, then this is impossible, and for good reason. Think of the security exploits!

Any other way to this without using other languages that need to be installed on the server?
No, but you almost certainly already have languages on the server. If it's a Linux, BSD or OSX server you've got shell script; if it's a Windows server you've got JScript and VBScript via Windows Scripting Host (using a cscript.exe hashbang).

JavaScript is for Client Side of a web application, so you won't be able to directly use javaScript to access server side files. As mentioned by Tejs, you should use Ajax to make a call to server side and then use appropriate server side routine to do the task.
Even at client side, most browsers don't allow accessing of any resource( e.g files) by javaScript code.

For server side javascript in Apache you could use Sun ONE Active Server Pages, formerly known as Chili!Soft ASP. For an IIS server, javascript is plainly available as asp-language.

Look into Rhino and node.js. I dont know a lot about this, but thats a route you can use for serverside javascript.

Related

Do Node.js-hosted files have their code exposed?

I apologize for what might seem like a really dumb question based on a limited of Node.js but please know I am attempting to learn all I can. That being said, as I understand it, Node.js is similar to Apache or IIS. What types of files does it actually serve though (ASP, ASP.NET, PHP, HTML, etc.)?
My IMPRESSION is that it serves JavaScript and HTML by recommendation? In such a case, if I write a JavaScript file used on the server side to write data to my database, is my code exposed to the end user?
My scenario for example is that I would write an HTML5 page with JavaScript to write to a database but if that is served by Apache or IIS then both the HTML and JavaScript have their code exposed. How does this work with Node.js, do I need to stay with PHP for securing my code?
Thank you!
As long as the server-side javascript isn't served to the requesting user you're safe. So no, the database stuff within nodejs won't be served.
That's like asking if PHPs or javas database code get served if someone requests a page (only if the code is read and echoed).
Node.js is a server-side scripting language with modules for interacting with HTTP requests and responses.
You can serve literally any kind of file with Node (as you could with other server-side scripting languages), and in fact, probably want to go out of your way not to let people grab any files they want.
PHP won't secure your code for you. Normally, nginx or Apache helps to protect against threats, but a Node.js server running on a port completely bypasses all of that unless you specifically configure nginx or Apache to forward requests to the port your node program is listening on.

Launch a program from the destop using jQuery or PHP [duplicate]

How can I run a batch file on the client side? An exe file? Just to open pre-installed program in client side?
[Edit]
Regarding ActiveX, I tried
var activeXObj = new ActiveXObject("Shell.Application");
activeXObj.ShellExecute("C:\\WINDOWS\\NOTEPAD.EXE", "", "", "open", "1");
but this doesn't work. Any suggestions?
From Javascript? You can't. It's a security risk. Think about it - would you want every website to be able to run programs on your PC?
You mean launch an external program thru a browser window using JavaScript? No way you can do that! That's a goddamn security black hole!
<script language="javascript" type="text/javascript">
function RunEXE(prog) {
var oShell = new ActiveXObject("WScript.Shell");
oShell.Run('"' + prog + '"', 1);
}
</script>
If you really have control on the client, then you may want to install some remote daemon service on the client side, like SSH.
PS. Invoke it through your "server-code", however.
Updated:
Don't be discouraged. You can absolutely do that in safe manner.
First you need a daemon service on the client that will handle the task of invoking your application. Personally, I'd rather build simple rpc-server as windows-service with C++ or Delphi; but many other kinds of server could also do the job (SSH, Apache, Telnet)
Then make a web pages that allow the user to "register" their services with proper authentication to invoke that service (password, security key)
When you want to invoke your application from web-page on the client that's already registered, make ajax call (xmlhttprequest) to your server.
The server should validate the requesting IP address with registered information.
Then make a remote command invokation to the client with the registered information.
There can be some networking situation that this scheme might not work. However, if you really have control on the execution environment then there always be some workarounds.
Redirect the client to http://yourserver/batchfile.bat. Under some browsers, this will prompt the user to run the batch file.
If the problem is the batch file is being displayed in the browser you need to set Content-Type and Content-Disposition in the HTTP header so the user is prompted to Save (or Run) the file rather than have the browser display it.
You won't be able to run the file without an OK from the user but this shouldn't be a problem.
Have a look at this question for a little more detail.
Basically, you can't. If you need to launch something on the client side, you'll need another mechanism altogether, presumably one with some security built in. A previous poster mentioned psexec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), which will obviously only work if you have appropriate permissions on the target system, and which is completely outside the browser.
Basically, what you are asking for is a BIG, BIG, problem if you were able to do it easily.
You might look into ActiveX, but I don't know what limits there are on an ActiveX object these days (I know there ARE limits, but perhaps you can work within them).
It's not allowed directly, for security reason. Besides all other answers, there is another idea.
You can build a localhost rest service in your pre-installed program and use javascript to call it with command or data, well assuming that you write the the pre-installed program and the service is supposed to be running when you call. This solution works in some scenarios.

how to read xml from FTP server in javascript

I am new to Javascript. Please tell me that how to retrieve and read XML file which is placed on ftp server in Javascript. Javascript only speaks HTTP and WebSockets (on newer browsers), and not FTP
If you are restricted to using client-side JS, it's not possible. It is possible with NodeJS, though.
If you are speaking about client side Javascript (the one that is in the browser), then this is not possible (it can understand only HTTP protocol and with the rise of HTML5 also WebSockets). FTP is completely another protocol and hence this is not possible.
Think about it this way: your JS is stored in your browser. So the whole code that will connect to your FTP and do something there is exposed to everyone. In order to connect to FTP you need to provide your credentials (your username and password). This means that everyone who wants to get them can get them. This is not nice :-).
As I understand, the thing you want to achieve - user does something on your site (click a button) and he can download the file from the ftp. In this case I would do something like this. On click I will make an ajax call or some sort of redirect ( window.open('http://yourserver/getFile.php'); ) And the script in getFile.php (php does not matter here - this is any server side script python, asp, ...) connects to your FTP server and does whatever you want.

How to invoke Linux command with JavaScript

I am new in JavaScript, and now I want to run a Linux application in JavaScript and show the result in a web page. It all happens in client without a server. But for security issues or something else, JavaScript as no such interfaces. I know in Windows, it could be achieved with activeX, but how could I achieve this in Linux?
I just wanna make js+browser equal to a client application without the complex GUI design. So there is no server. Any easy way to accomplish it?
Maybe Node-webkit is what you want.
It allows you to easily create a desktop application in javascript and access "low-level" stuff so you can run commands, without the need of an http server.
Can't be done.
JavaScript cannot interact with the users system in any way.
The only thing you can do is send a request to a server, which executes the command and sends the response back.
With javascript alone can't be done. But you have at least two option to do this using javascript plus other technologies.
The first one is what Jivings sent, using Jquery to sent a post request to a scripting language at the server side.
The second way is to install Node.js. This platform runs on javascript engine, and has all the features you need from the language. After installing it just see this post that explains how to execute a command.

How can I run a program or batch file on the client side?

How can I run a batch file on the client side? An exe file? Just to open pre-installed program in client side?
[Edit]
Regarding ActiveX, I tried
var activeXObj = new ActiveXObject("Shell.Application");
activeXObj.ShellExecute("C:\\WINDOWS\\NOTEPAD.EXE", "", "", "open", "1");
but this doesn't work. Any suggestions?
From Javascript? You can't. It's a security risk. Think about it - would you want every website to be able to run programs on your PC?
You mean launch an external program thru a browser window using JavaScript? No way you can do that! That's a goddamn security black hole!
<script language="javascript" type="text/javascript">
function RunEXE(prog) {
var oShell = new ActiveXObject("WScript.Shell");
oShell.Run('"' + prog + '"', 1);
}
</script>
If you really have control on the client, then you may want to install some remote daemon service on the client side, like SSH.
PS. Invoke it through your "server-code", however.
Updated:
Don't be discouraged. You can absolutely do that in safe manner.
First you need a daemon service on the client that will handle the task of invoking your application. Personally, I'd rather build simple rpc-server as windows-service with C++ or Delphi; but many other kinds of server could also do the job (SSH, Apache, Telnet)
Then make a web pages that allow the user to "register" their services with proper authentication to invoke that service (password, security key)
When you want to invoke your application from web-page on the client that's already registered, make ajax call (xmlhttprequest) to your server.
The server should validate the requesting IP address with registered information.
Then make a remote command invokation to the client with the registered information.
There can be some networking situation that this scheme might not work. However, if you really have control on the execution environment then there always be some workarounds.
Redirect the client to http://yourserver/batchfile.bat. Under some browsers, this will prompt the user to run the batch file.
If the problem is the batch file is being displayed in the browser you need to set Content-Type and Content-Disposition in the HTTP header so the user is prompted to Save (or Run) the file rather than have the browser display it.
You won't be able to run the file without an OK from the user but this shouldn't be a problem.
Have a look at this question for a little more detail.
Basically, you can't. If you need to launch something on the client side, you'll need another mechanism altogether, presumably one with some security built in. A previous poster mentioned psexec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx), which will obviously only work if you have appropriate permissions on the target system, and which is completely outside the browser.
Basically, what you are asking for is a BIG, BIG, problem if you were able to do it easily.
You might look into ActiveX, but I don't know what limits there are on an ActiveX object these days (I know there ARE limits, but perhaps you can work within them).
It's not allowed directly, for security reason. Besides all other answers, there is another idea.
You can build a localhost rest service in your pre-installed program and use javascript to call it with command or data, well assuming that you write the the pre-installed program and the service is supposed to be running when you call. This solution works in some scenarios.

Categories