This is the same question as this but I'm looking for a classic ASP solution.
I have a third party control to provide secure downloads but it expects you to provide the response.contenttype value. I'm trying to have the browser prompt with the following:
Response.AddHeader "Content-Disposition", "attachment;filename=""" & strFileName & """"
However Safari doesn't like any of the suggested content types (does odd things with the file name - like add ".exe" to the end).
application/x-msdownload
application/force-download
So I'd either like to query IIS for the correct content type or find a generic content type that would let the browser figure it out in a somewhat reliable fashion.
Typically the mimemap being used by the site is stored at server level and you can get into permission issues trying to read it. It requires some nasty ADSI code.
Have you tried the standard application/octet-stream as a mime type?
From Reading the server mimemap:
Public Function GetMimeType(ByVal Extension)
Dim oMimeMap
Dim vntMimeType
Dim avntMap()
Set oMimeMap = GetObject("IIS://LocalHost/MimeMap")
If Left(Extension, 1) <> "." Then Extension = "." & Extension
avntMap() = oMimeMap.MimeMap
For Each vntMimeType In avntMap
If vntMimeType.Extension = Extension Then
GetMimeType = vntMimeType.MimeType
Exit For
End If
Next
If GetMimeType = "" Then GetMimeType = "application/octet-stream"
End Function
Note: the code calling GetObject is required to be an Operator in WWW Service Master properties.
Related
I am looking for function in SSJS in XPages instead of "Environ" function.
fileName = "tmpExcel.xls"
bantfile =Environ("Temp") & "\" + fileName + ".xls"
Any suggestion is appreciated.
You can get temporary directory's path on server with SSJS code
var tmpPath = java.lang.System.getProperty("java.io.tmpdir");
It depends on your use case.
For client side enviro, use cookies.
For server side enviro, go for property files.
Be aware - do not use profile documents. They are cached and it makes problems in multithreaded HTTP context.
I'm redesigned a login system where I work and currently if someone know the path to a file they may be able to access it even if they are not logged in at all. So far I've researched and come up with 2 ways to prevent this.
Disable anonymous access and have the file brought in by the webpage. This is what I would prefer to do for now since it wouldn't require moving the files around and it seems to be relatively easy to implement. The problem with this is that if I disable anonymous access the file trying to access the document they requires the username/password. Is it possible to have to username/password as part of the ASP file to eliminate this?
The other option is to move the files outside of the website and elsewhere on the server and have the webpage bring in the file similar the first option. I want to eventually get to this method, currently it would take much more time to do this though since we would have to move the files for all of our users as well as change the programs that generate the different reports to output to their new locations.
You could do this with a rewrite rule in IIS.
http://www.iis.net/downloads/microsoft/url-rewrite
You can also do this with a Request Filtering rule in IIS.
http://www.iis.net/configreference/system.webserver/security/requestfiltering/filteringrules/filteringrule/appliesto
"Is it possible to have to username/password as part of the ASP file to eliminate this?"
Yes, if you only want to restrict access to .asp files Session variables tend to be overused in Classic ASP but this is one situation where it is completely appropriate to use one. At the start of all your restricted pages you could have something like
<% If Session("loggedin") <> 1 then Response.Redirect("login.asp") End If %>
Then you need to find a classic asp login script which sets a session variable. Google or Bing should come up with plenty, but here are a couple of links for you
https://web.archive.org/web/20211020121723/https://www.4guysfromrolla.com/webtech/050499-1.shtml
https://web.archive.org/web/20210323190338/http://www.4guysfromrolla.com/webtech/021600-1.shtml
Edit - http server request code. I haven't tested this
Set xml = Server.CreateObject("Msxml2.ServerXMLHTTP.6.0")
xml.open "GET","http://fullurlto/yourpdffile.pdf", false, "yourusername", "yourpassword"
xml.send
Response.ContentType = "application/pdf"
Response.write xml.responseText
I found a basis for the code elsewhere on this site but it didn't quite work the way I needed it to.
How To Raise a "File Download" in ASP and prevent hotlink
Dim curUser, curDir, curtype
curUser = Request.QueryString("user")
curDir = Request.QueryString("dir")
curType = Request.QueryString("type")
If curUser = Session("homefolder") Then
Set adoStream = CreateObject("ADODB.Stream")
adoStream.Type = 1
adoStream.Open()
adoStream.LoadFromFile "C:/path/to/" & curUser & curDir
Response.Buffer = true
Response.CharSet = "UTF-8"
Response.Clear
If curType = ".TXT" Then
Response.ContentType = "text/plain"
Else
Response.ContentType = "application/pdf"
End If
Response.flush
Do While Not adoStream.eos
Response.BinaryWrite adoStream.Read(1024 * 8)
Response.flush
Loop
Response.End()
adoStream.close
Set adoStream=nothing
Else
Response.Redirect "denied.asp"
End If
The file is brought in and displayed within the browser. If the user tries to see another user's files they are simply redirected. I'm currently only dealing with PDF and TXT file but it will be easy to add new files types if needed.
I need to assign another application as an object and control it.
Typically, I would open a new instance of the application using CreateObject(), but in this instance I need an existing instance of the object that was already opened in Windows Explorer. The object is an Internet Explorer session that, for various reasons, I can't simply navigate to using web browser controls in Office.
Is there a way to grab this application session by its window handle or something so that I can control it using the APIs that VBA offer? It's also essential that the application stays on the page that it was on and that its entire DOM structure remains intact.
Try this in a sub, it works for me
Set objShell = CreateObject("Shell.Application")
IE_count = objShell.Windows.Count
For x = 0 To (IE_count - 1)
On Error Resume Next ' sometimes more web pages are counted than are open
my_url = objShell.Windows(x).Document.Location
my_title = objShell.Windows(x).Document.Title
If my_title Like "The Title You're Looking For" & "*" Then
Set ie = objShell.Windows(x)
Exit For
Else
End If
Next
Now do stuff with this instance of ie
This may be a simple one but I can't figure it out. How can I open a web page in the main browser from extendscript as I would do with window.open() in Javascript?
I am targeting After Effects and would like it to work on both OS X and Windows.
In After Effects you can simply do it using the system object, as Dirk mentioned. However you need several things for that:
checking that the script can access the network:
if (app.preferences.getPrefAsLong("Main Pref Section", "Pref_SCRIPTING_FILE_NETWORK_SECURITY") != 1)
{
alert("Please tick the \"Allow Scripts to Write Files and Access Network\" checkbox if Preferences > General");
// Then open Preferences > General to let people tick the checkbox
app.executeCommand(2359);
// Here you should check again if they ticked it, and choose to continue or stop ...
}
checking of the OS:
var os = system.osName;
if (!os.length)
{
// I never remember which one is available, but I think $.os always is, you'll have to check
os = $.os;
}
app_os = ( os.indexOf("Win") != -1 ) ? "Win" : "Mac"
os-dependent system calls:
var url = "http://aescripts.com";
if ( app_os == "Win" )
{
system.callSystem("explorer " + url);
}
else
{
system.callSystem("open " + url);
}
Provided you have access to CSInterface.js:
cep.util.openURLInDefaultBrowser("http://www.google.com")
One application independent way is to write an operating system's representation of the URL into a file, then execute() the file.
On the Mac that would be a .webloc file. The underlying format is "plist binary", if you prefer to generate xml, create a sample webloc by drag&drop from the browser address and convert it:
plutil -convert xml1 ~/Desktop/sample.webloc
To invoke that webloc, run the ExtendScript
File("~/Desktop/sample.webloc").execute()
You can do anything on your local computer - commandline and anything else in a VBS file, and you can launch a vbs file from javascript like this:
function RunScriptVBS(whatscriptname){
app.doScript(File(whatscriptname), ScriptLanguage.VISUAL_BASIC);
}
Here is your vbs script:
Dim objShell
Set objShell = CreateObject("WScript.shell")
objShell.Run ("http://www.somewhere.com")
set objShell = nothing
The scope of the question apparently has been refined to After Effects (AE), so I add another answer specific to that application.
On my Machine AE CS6 does not produce an object model file for display by the ExtendScript Toolkit. Please retry it yourself, the object model viewer is in the help menu of ESTK.
Anyway, the ESTK data browser does works. If you target AE, you'll see a couple of objects and classes. Eventually check some more menu items in the databrowser panel flyout menu. I had a deeper look at the app object itself (no openUrl() there) and also found a "system" object. Expand that and you see several interesting methods.
The following script opens a URL on the Mac. I have not tried Windows, maybe it is even the same.
system.callSystem("open http://www.google.com")
As this is the first time I launched AfterEffects, I might have missed better ways.
I'm working on adding a feature to an old classic asp site and ran into an interesting problem. The following line on the page results in the helpful error "Object required:'' "
strServerName = Request.ServerVariables("server_name")
When I attached a debugger to look at it, Request is in fact Empty, which I don't understand how that can happen? This line exists on several pages and executes with no problems besides this one. In this case, the page is executed by a Redirect from another page.
I've been searching for a solution for a day or so now and haven't been able to locate anything that's been helpful. I'm desperate, any ideas would be greatly appreciated.
Oh, and if any more information is required, please don't hesitate to call me out.
Thanks!
Update 1
As requested, below is the entire code snippet wrapped in <% %> tags. This block exists as first code within the file (named 'order-results-instant.asp'):
<%
strServerName = Request.ServerVariables("server_name")
strServerName = UCase(strServerName)
strServerURL = "http://localhost/cbr"
strServerURLhttps = "https://localhost/cbr"
strConnect = "Provider=SQLOLEDB;Data Source=localhost;Initial Catalog=CBR; Integrated Security=SSPI"
Dim objConn
Dim sql_stmt
Dim rs
%>
Update 2
I've used the following 2 methods to redirect execution to this page - perhaps this can cause the request to be lost?
'Response.Redirect strServerURL & "/order-results-instant.asp?gwstep=1"
Response.Write "<META HTTP-EQUIV=""refresh"" content=""5;URL=" & strServerURL & "/order-results-instant.asp?gwstep=1"">"
Scan through the rest of the code. At the Global level you will find this:-
Dim Request
Rename this variable and its current usage and the Request object attached to the script context will become visible.
On your server is the Active Server Pages Web Service extension allowed (turned on) ?
I copied your code into my test asp file with the following code and it redirected just fine.
<%
strServerName = Request.ServerVariables("server_name")
strServerName = UCase(strServerName)
strServerURL = "http://localhost/"
strServerURLhttps = "https://localhost/"
strConnect = "Provider=SQLOLEDB;Data Source=localhost;Initial Catalog=CBR; Integrated Security=SSPI"
Dim objConn
Dim sql_stmt
Dim rs
Response.Write(strServerName)
if Request.Querystring("test") <> "1" then
Response.Redirect("http://" + strServerName + "/asptest.asp?test=1")
end if
%>
The only real difference is I am adding "http://" to the redirect. Maybe something I did will shed some light to help you solve your issue.
thanks
Does it work if you try to access it at an earlier point in the page?