I want to save a file with read-only options through a servlet.Can someone shed some taughts.
Thanks.
(fyi..I went through this link,so need some other ways through which this can be done.
Making servlet serve READONLY text/html resource)
Use File.setWritable(false).
Related
How do I make WKWebview use local .js, .css and/or local image files, in place of remote files, in order to make the web page load faster.
Also, I noticed NSURLProtocol methods (when implemented through register class) do not get called when WKNavigationDelegate methods are implemented, any idea on why?
In iOS 9 API there is a new method for loading local resource
/*! #abstract Navigates to the requested file URL on the filesystem.
#param URL The file URL to which to navigate.
#param readAccessURL The URL to allow read access to.
#discussion If readAccessURL references a single file, only that file may be loaded by WebKit.
If readAccessURL references a directory, files inside that file may be loaded by WebKit.
#result A new navigation for the given file URL.
*/
#available(iOS 9.0, *)
func loadFileURL(URL: NSURL, allowingReadAccessToURL readAccessURL: NSURL) -> WKNavigation?
After going through a lot of documentation, I realized/learnt that I'll not be able to track URLs if I use WKWebviews. I have to resort to UIWebView for the moment.
Due "Copy to Output" for js files it is impossible to just edit js file and reload the page to see the changes. It is required to restart the service.
One of the possible solutions is to modify VFS to look at js files in the correct location (solution tree, not in the output folder) in DEBUG mode.
Any other suggestions?
Thanks,
Dmitry
The simplest solution is
SetConfig(new HostConfig
{
WebHostPhysicalPath = "C:\\projects\\path_to_self_host_project"
});
I want to be able to open pdfs that live in a folder at /app/somefile/file.pdf via apache like this http://mysite/app/somefile.file.pdf. I've tried adding a RewriteCond in CakePHP's .htaccess file:
RewriteCond %{REQUEST_URI} !^/app/somefolder/ - [L]
But just get a 500 error. What am I doing wrong?
Use this in your controller and use routes to access it the way you want, opening up other folders for the world is NOT a good idea
Sending files
There are times when you want to send files as responses for your requests. Prior to version 2.3 you could use Media Views to accomplish that. As of 2.3 MediaView is deprecated and you can use CakeResponse::file() to send a file as response:
public function sendFile($id) {
$file = $this->Attachment->getFile($id);
$this->response->file($file['path']);
//Return reponse object to prevent controller from trying to render a view
return $this->response;
`enter code here`}
As shown in above example as expected you have to pass the file path to the method. CakePHP will send proper content type header if it’s a known file type listed in CakeReponse::$_mimeTypes. You can add new types prior to calling CakeResponse::file() by using the CakeResponse::type() method.
If you want you can also force a file to be downloaded instead of being displayed in the browser by specifying the options:
$this->response->file($file['path'], array('download' => true, 'name' => 'foo'));
source: http://book.cakephp.org/2.0/en/controllers/request-response.html#cake-response-file
You could use an Apache alias to make the contents of that directory publicly accessible:
Alias /app/somefile /app/webroot/somefile
Place the above code in a server/virtual host config file, not .htaccess.
Make sure the web server user has read access to that directory.
you could just make a symlink to them, though your apache config may or may not be allowed to follow them.
I was able to do this buy only adding this to the .htaccess file in the root:
RewriteCond %{REQUEST_URI} !^/app/somefolder/
(My original version had a [L] which is incorrect, and that's why it wasn't working.)
Just in case anyone doesn't already know: this is not generally a secure thing to do. I have very specific reasons for doing this.
We had to implement an image uploader for a node.js project. As framework we are using express.js We did it like described here: http://howtonode.org/really-simple-file-uploads
But we are not sure how to secure this image uploader. What we did so far is:
checking the file size
checking extension and header
rename the file
file is only accessible over a special route and is not in the root folder
Is this enough? We don't feel very comfortable with the following line:
// CHECKING FOR FILESIZE, EXTENSION, HEADERS
fs.readFile(req.files.displayImage.path, function (err, data) {
...
...
...
// RENAMING FILE
// SAVE FILE
...
...
...
}
Is it save to read the image this way? We are afraid, there could be malicious code in req.files.displayImage.path. Do we need to add more checks or are our checks sufficient? What attack vectors do we offer an attacker if we use the code as described?
Thank you for your advices
Tschoartschi
If you are concerned for opening malicious images on client side as posted in your comments. Try opening third party scripts and untrusted files inside a sandboxed iframe this will protect your users.
Hopefully someone can help me with this.
It is my understanding that using a ClassLoader is the most reliable way to load in content.
public class Pipeline{
public static URL getResource(String filename) {
return ClassLoader.getSystemResource(filename);
}
public static InputStream getResourceAsStream(String filename) {
return ClassLoader.getSystemResourceAsStream(filename);
}
}
If you had a file at "[jar bundle]/resources/abc.png" ..You would load it by:
URL url = Pipeline.getResource("resources/abc.png");
Loading is simple.
Saving is what's getting me.
I have a program that collects data while running, saves that data on exit, and then loads the data back in next time and keeps adding to it.
Easiest solution I think would be to save back into the jar bundle so that ClassLoader can get at them. Is this even possible? Or recommended?
I don't mind having my resources outside of the jar, just as long as I don't have to resort to 'File' to get at them and save to them. (Unless it can be done cleanly)
folder/application.jar
folder/resources/abc.png
If you could ../ back one from where the ClassLoader is looking it would be easy to cleanly get data from the directory that actually contains the jar file
Pipeline.getResource("../resources/abc.png");
Any ideas?
This isn't really what class loaders are meant for. Loading resources from the class loader is meant so that you can bundle up your application as one package and components can read each other without worrying about how the system you're deploying to is setup.
If the file in the JAR is meant to be changed by the app, then it isn't part of the app and thus probably shouldn't be in the JAR.
I don't have a lot of context on your app, but hopefully my suggestion will be valid for your situation.
I recommend setting a requirement in your app that it has a work area to which it is allowed to read and write and accept a configuration setting that specifies where this directory is. Typical ways to do this in Java are with environment variables, system properties or JNDI settings (for container deployments).
Examples:
Tomcat's startup scripts figure out where it is installed and sets a system property called catalina.home and allows you to over-ride it with an environment variable called CATALINA_HOME.
JBoss looks for JBOSS_HOME
Java application servers typically look for JAVA_HOME to find the JDK.