It is quite a common question but I can't find an answer to it
I have a simple HTML with an input text box (type=file) and a submit button. On clicking the submit button, I call a js function where I try to get the complete path of the file
var data = $('#fileName').val();
the issue is I am not getting complete file path of the file I am uploading. I know due to security reasons chrome gives me a C:\fakePath\filename and firefox gives me only the fileName. But in case I need a complete path what shall I do?
PS: Further I will make an ajax call and give that file path to the back-end which needs it to read that file using FileReader
You cannot get the complete path! there is no way to do that!! Even though you are on an intranet and you have enough permissions.
A workaround for this is to have a textarea and ask the user to enter the complete path of the file.
In short you can't have the full name of a file once is loaded on server side, you will just have the file name and its content in a raw byte array (among other attributes). This is not a Java thing nor other server side technologies issue, is related to browser implementation (but it looks that IE6 may contain a flaw about this).
Not directly related to your question but caught my attention
PS: Further I will make an ajax call and give that file path to the back-end which needs it to read that file using FileReader
Usually, you can't handle a file upload using ajax because it can lead to security holes. Still, there are some browsers (like Chrome and Firefox) that allows you to send a file using XMLHttpRequest but that isn't allowed on some browsers (like IE8-) so you have to use an iframe in order to make the file ajax uploading work.
In order to avoid handling all these problems, I would advice you to use a third-party js library that handles the ajax file upload. An example is blueimp jQuery file upload that also has Java server side examples (DISCLAIMER: I do not work in this project nor I'm associated with blueimp in any way). Note that using this plugin requires that you have a mid knowledge on HTML/JavaScript/jQuery/Java Server Side so if you're a starter it may take you some time to make it work, but once it does is pretty good.
I dont know which technology you are using.. but you can always get file name once it is uploaded on server (Using php or .net )
your steps to upload should be like below:
1) Upload file to the server (e.z. /uploadedFiles/...filename
2) Create a method which will fetch file name from the uploaded path
3) simply insert file name in to the database (this will give you flexibility to change folder name of uploaded docs in future if required)
Generally filenames are not stored as it is . to avoid name conflict in future. So it is a advisable to always rename your filename by adding minutes & seconds after itsname.
If any doubts do ask.
Hope it helps.
Browsers block the filepath access on javascript for securit reasons.
The behavior makes sense, because the server doesn't have to know where the user stores the file on his computer, it is irrelevant to the upload process.
Related
This was a question about testing file upload functionality using a local java server on Windows 7 platform. Since the question evolved with Marko's input, I have edited it, so that those who run into the same challenge do not waste time on evolution details and reach conclusions sooner.
The challenge was to direct uploaded file to a folder outside of the WAR structure and successfully read it from there. For example: upload an image into c:/tmp/ and then redirect to a confirmation page that displays the image <img src="c:/tmp/test.jpg" />. The upload worked but image would not be displayed. And based on Marko's input, this makes sense because browser sitting at localhost will refuse to load anything from local disk structure using c:. Maybe these are security considerations similar to those with file input control where we cannot set a default path...
The following tag will work in a locally created .html file but when pasted into a jsp, it won't work. And the difference is that browser uses localhost to get to the jsp.
<img src="c:/tmp/test.jpg" />
Solutions
I think that Marko's answer pretty much defines what needs to be done. While I didn't go with that approach, it clearly is the better way to do it and I will accept that as the answer. Thanks, Marko!
For those who don't want to bother installing a Web server and are willing to live with a bit of a hack, here's what I have done. Again, I didn't want to upload files into my WAR structure because I would then need to remember about clearing that folder before deploying to the server. But that upload folder still needs to be accessible, so I simply created another dummy project and put that upload folder under its WebContent. This works for the purposes of my local testing. The only nuisance is that after uploading a file, I need to refresh the dummy project's WebContent in Eclipse.
config.properties
#for uploading files
fileUploadDirectory=C:/javawork/modelsite/tmp/WebContent
#for building html links
publicFileServicePrefix=http://localhost:8080/tmp
<img src="http://localhost:8080/tmp/test.jpg" /> // this works - tmp is the name of my dummy project.
If you are citing literally the HTML that goes to the browser (the one that you access via "vieew source") then this has nothing to do with Java. The browser is the one who interprets these links. If they fail to load, the problem is in the browser/file system.
UPDATE
According to the results of your additional diagnostics, I conclude that the browser (sensibly!) refuses to load anything from your local disk if it is referenced from an HTML file coming from an internet URL, even when that URL is localhost.
UPDATE 2
(Deleted, irrelevant)
UPDATE 3
However you handle the files uploaded to the server, it's definitely not going to look like your solution -- the file is on the server's local filesystem, not client's. This sort of thing can be handled at the Apache HTTP server level -- reserve an URL section for static content and configure Apache with a base directory from which to serve the static content. Even if you run the server locally, on the same machine where you test it, you still need to go through the network interface.
Kind of hard to explain in one line but my problem is essentially like this:
I made a java applet that I want to run on a web page that I packaged into a .jar file. I'm able to get the applet working fine using the <applet> tag but the problem is, if the user views the page source, they will see:
<applet archive="directory/program.jar">
Assuming .jar files can be easily opened and all the class files decompiled, all the user would have to do is go to www.url.com/directory/program.jar to download my .jar and they would have all my source code :(
So I'm wondering if there is either a way to protect my code/jar from being decompiled (other than obfuscation) or to use some kind of server-side script to feed the contents of the .jar directly to the browser from a server-side location not publically visible.
Any help is appreciated.
This is fundamentally impossible.
Java applets run the client.
Anything that runs on the client can be disassembled and modified by a sufficiently advanced user.
You should move your sensitive logic to the server and invoke it using HTTP requests ( and remember that the user can use Fiddler).
While you're at it, you should probably replace your applet with HTML and Javascript.
Other than obfuscation or encryption, no--one way or the other, the browser will have access to the jar.
You might be able to create an applet that loads more functionality at runtime.
There is no effective way to block access to the source code of any page; for the page to be readable by browsers and search engines, the source code has to be accessible, and therefore can be viewed and/or copied. That's just how the web works. HTML is sent as a text document and interpreted client-side.
Disabling the right-click is little more than an annoyance, and it works sporadically in alternative browsers. Even if you succeed, the View Source option in the menu is always present. The viewer could also use a download tool such as Wget, or even get the page from the Google cache without visiting your site at all.
Edit: Oops! I misunderstood your question. You should follow #SLaks advice and "move your sensitive logic to the server and invoke ot using HTTP requests ( and remember that the user can use Fiddler)."
While quantum mechanics do rule the universe, they have less of a grip on your code than you might suspect. You cannot both deploy code to the client browser and not deploy code to the client browser. You have the option of doing one or the other.
You can prevent direct browsing to your .jar file by locating it beneath the WEB-INF directory in your WAR file. This will also prevent <applet archive="directory/program.jar"> from working.
Once the jar is beneath the WEB-INF directory you will need something to feed the resource to the client browser; the Spring resources servlet is good for this (If you are using Java and Spring). I feel confident that other such tools exist. With the Sprint resours servlet, your would deploy your applet with something like this: <applet archive="resource/program.jar".
If you write your own resource distributor, you can add security to make it harder to get the jar file; perhaps add a header to your requests like IRGud: <user_id here> and fail any request that does not have that header (or acceptable contents in the header).
In the java web application need to select the file from server and print to the local printer. how it can be done
Thanks in advance
That's going to be tricky whenever you require a minimum of user interaction (i.e. just click the link and then do the print magic) and it also depends on the type of the file in question. If it is for example a .doc file, then you would basically need to download it to the client environment and open it in the default associated application (MS Word in this case) and then let the application execute the print command. You can't do this from the server side on.
Your best bet is to create an Applet which in turn displays the file tree, downloads the file to the local disk file system on client interaction and makes use of Desktop#print() to print it. E.g.
File file = new File("/temp/file.doc");
// Read file from server using URLConnection, write it to this file and then do:
Desktop.print(file);
But if it are for example plain text files such as text/html, text/xml, etcetera, then you can make use Javascript to load the file into some <div> or <iframe> element and then execute the window.print() method on it, if necessary along with a CSS media rule.
You will need an applet, flash, silverlight, javafx - i.e. an embedded app. There:
download the file from the server by creating a GET request (in an applet - using URL.openConnection()), obtaining the returned bytes and forming an in-memory document
sending that to a printer. If you chose applet - this might help
(I'm not aware whether the same flow can't be achieved with javascript as well)
I am trying use a Java Uploader in a ROR app (for its ease of uploading entire directories). The selected uploader comes with some PHP code that saves the files to the server. I am trying to translate this code to Ruby, but am stumped on this point:
PHP has a very convenient superglobal – $_FILES – that contains a hash of all files uploaded to the current script via the HTTP POST method. It appears Ruby does not have a similar resource. Lacking that, what is the best way to access and save the uploaded files?
I am using the JavaPowUpload uploader ( http://www.element-it.com/OnlineHelpJavaPowUpload/index.html ).
ruby on rails allows you use the application root directory to get at the file stored (wherever you have decided to put it) via #{RAILS_ROOT}.
Check out this tutorial. Not the prettiest method, but it should give you an idea of what needs to be done. Once the file is uploaded, it's just a matter of getting the right path and doing your processing from there.
Here's I want to do, I want to upload a file that will be processed by a servlet. I would use Apache Commons - File Upload to handle the file to be uploaded.
I've seen the gmail-like AJAX file upload, where there would be a hidden iframe that would later be populated with a javascript to stop showing the upload image or displaying a message that the upload is succesful. However, this uses PHP, where the php file to handle the file upload would include the javascript inside the iframe.
My question is, how would I do this in Java using servlets, without resorting to JSP and imitating the above implementation on PHP. I don't even know if this is possible, so please guide me on a good implementation (without external libraries except for commons fileupload).
Note: I am aware that there are libraries out there that could do this easily, but I first want to know how this happens, how this is possible, and to dirty my hands and learn this.
Edit: Just to add, I would use the streaming API of Apache-Commons FileUpload
It is exactly the same.
The client makes an HTTP request to the server (by submitting a form).
The server responds with some HTML (which links to or embeds some JavaScript).
Switching from PHP to Java is just a drop in replacement. You don't need to change any of the JavaScript. The user guide tells you how to set it up.
http://oreilly.com/pub/a/javascript/2002/02/08/iframe.html is the best idea to file-upload. i done file upload using hidden iframe. Please consult with attached link.