Reputation: 61
How to bypass document.domain limitations when opening local files?
I have a set of HTML files using JavaScript to generate navigation tools, indexing, TOC, etc. These files are only meant to be opened locally (e.g., file://) and not served on a web server. Since Firefox 3.x, we run into the following error when clicking a nav button that would generate a new frame for the TOC:
Error: Permission denied for <file://> to get property Location.href from <file://>.
I understand that this is due to security measures within FF 3.x that were not in 2.x, in that the document.domain does not match, so it's assuming this is cross-site scripting and is denying access.
Is there a way to get around this issue? Perhaps just a switch to turn off/on within Firefox? A bit of JavaScript code to get around it?
Upvotes: 6
Views: 5044
Answers (5)
Reputation: 12389
You may use this in firefox to read the file.
function readFile(arq) {
netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
var file = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
file.initWithPath(arq);
// open an input stream from file
var istream = Components.classes["@mozilla.org/network/file-input-stream;1"].createInstance(Components.interfaces.nsIFileInputStream);
istream.init(file, 0x01, 0444, 0);
istream.QueryInterface(Components.interfaces.nsILineInputStream);
var line = {}, lines = [], hasmore;
do {
hasmore = istream.readLine(line);
lines.push(line.value);
} while(hasmore);
istream.close();
return lines;
}
Upvotes: 1
Reputation: 1
Add "file://" to network.automatic-ntlm-auth.trusted-uris in about:config
Upvotes: -1
Reputation: 1687
You can have all files that you want to access in subfolders relative to the page that is doing the request.
You can also use JSONP to load files from anywhere.
Upvotes: 0
Reputation: 18133
In firefox:
- In address bar, type about:config,
- then type network.automatic-ntlm-auth.trusted-uris in search bar
- Enter comma separated list of servers (i.e., intranet,home,company)
Another way is editing the users.js.
In users.js, write:
user_pref("capability.policy.policynames", "localfilelinks");
user_pref("capability.policy.localfilelinks.sites", "http://site1.com http://site2.com");
user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");
But if you want to stop all verification, just Write the following line into users.js file:
user_pref("capability.policy.default.checkloaduri.enabled", "allAccess");
Upvotes: 1
Reputation: 111077
Cleiton's method will work for yourself, or for any users who you expect will go through this manual process (not likely unless this is a tool for you and your coworkers or something).
I'd hope that this type of thing would not be possible, because if it is, that means that any site out there could start opening up documents on my machine and reading their contents.
Upvotes: 0
Related Questions
- how to open a local file in mozilla firefox using only HTML?
- Opening local files from chrome
- Opening Local HTML Files using HTML and Javascript
- Opening a file in local file system in javascript
- How to open a local file with Javascript FileReader()
- opening a local file in a webpage using file://
- Read local files from web browser
- Loading a local page into Firefox with Javascript
- Firefox and Local Files
- How open a local file with the associated program from a web page?