Could asp.net create files on client machine?

> Does it have any ways that asp.net web application can create the file on

client computer or
No
get files from client computer?

If the file is submitted via a file upload control yes, but the user will
have to click Browse and select the file to upload.

An ASP.NET application could get files from a client computer provided that
you have a FileUpload control (HtmlInputFile) on the page, which allows the
user to browse to a file and upload it.

Otherwise, built-in browser security restrictions disallow web applications
from accessing the local machine through the browser.
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com


"Grace" wrote:

Does it have any ways that asp.net web application can create the file on
client computer or
get files from client computer?

Thanks.

"Grace" <Gr***@discussions.microsoft.com> wrote

Does it have any ways that asp.net web application can create the file on
client computer or

As others have told you, you can't create files on the client computer
directly. The best you can do is create the file on the server and invite
the user to download it to the correct location. It depends what you're
trying to achieve. Perhaps if you give more details, someone can suggest a
more specific workaround.

First of all, an ASP.Net Web application can't do ANYTHING on the
client computer, since it only runs on the server. The best that it
could do, is to include some javascript on the page.

Javascript, in theory, could create a local file and upload a file to a
server, but these abilities are normally disabled by the brower as a
security measure.

The following WebForm2.aspx is to create a text file on client machine.

If I want to let WebForm2.aspx execute, client IE's setting must be set LOW
security,
and IE will show a dialog to ask users if it is allowed to run ActiveX
Controller.

But IE Browser's default security setting isn't low security.
So, if users execute this web page, it will have a scripting error
(Automation couldn't produce the object.)

Is there any ways that can solve this situation
(When client's IE security setting isn't low security,
and we don't want to let users see the scripting error) ?
--------------------
WebForm2.aspx:
--------------------
<html>
<head>
<title>WebForm2</title>
</head>
<script language="javascript">
var fso = new ActiveXObject("Scripting.FileSystemObject");
var a = fso.CreateTextFile("c:\\testfile.txt", true);
a.WriteLine("This is a test.");
a.Close();
</script>
<body>
</body>
</html>

"ja**********@gmail.com" wrote:

First of all, an ASP.Net Web application can't do ANYTHING on the
client computer, since it only runs on the server. The best that it
could do, is to include some javascript on the page.

Javascript, in theory, could create a local file and upload a file to a
server, but these abilities are normally disabled by the brower as a
security measure.

If it is literally just a javascript error, then try/catch may mask it.
HOWEVER the concept is still really, really dodgy; put simply: you are not
allowed to do this. A browser being able to read/write files silently on the
HDD is such a huge, gaping security hole that I am very, very glad that
every browser (and some AV sw) worth using doesn't allow it. Maybe if you
could convince the user to install certain infamous DRM sofftware you might
be able to find a back-door way to do it, but if I saw this code in a web
page I would assume you were a hacker and simply block all access to the
site. Not great if you are actually trying to sell products or services.

Marc

Thanks.
I will use javascript's try/catch to tell users what to do.
"Marc Gravell" wrote:

If it is literally just a javascript error, then try/catch may mask it.
HOWEVER the concept is still really, really dodgy; put simply: you are not
allowed to do this. A browser being able to read/write files silently on the
HDD is such a huge, gaping security hole that I am very, very glad that
every browser (and some AV sw) worth using doesn't allow it. Maybe if you
could convince the user to install certain infamous DRM sofftware you might
be able to find a back-door way to do it, but if I saw this code in a web
page I would assume you were a hacker and simply block all access to the
site. Not great if you are actually trying to sell products or services.

Marc