Hi,
I just wonder if anybody can help me with this:
I need to give my javascript code some extended permissions for disk access on client's machine,
and as i understand i need to sign this js. Can someone tell me how to sign js to work with with ie?
Can i put my js file into jar and use jarsigner for that?
And by the way, would it give me disk access permissions?
I need that for the following: our client gets a cd from us with some mp3 files. When they log onto
our web site, they see some links:
eg <a href="file:///e:/resource/file.mp3"><a/>
pointing to the files in their cd, so when they click on a link, that file should start playing.
Or is there another way to access client's disk from a web page for a task like described?
I would highly appreciate any ideas/suggestions!
Thank you in advance!
Andrey 12  8456 
On Wed, 06 Oct 2004 14:48:06 GMT, Andrey wrote: Can i put my js file into jar and use jarsigner for that?
You can put Java classes into a jar and use Sun's jar signing
tool to give it extended privileges, but that will not work
with *Javascript*.
<http://www.physci.org/codes/javafaq.jsp#js>
Figure out exactly what you are dealing with before you proceed.
--
Andrew Thompson http://www.PhySci.org/codes/ Web & IT Help http://www.PhySci.org/ Open-source software suite http://www.1point1C.org/ Science & Technology http://www.lensescapes.com/ Images that escape the mundane
Andrew Thompson wrote:
<snip> You can put Java classes into a jar and use Sun's jar signing
tool to give it extended privileges, but that will not work
with *Javascript*.
<http://www.physci.org/codes/javafaq.jsp#js>
Figure out exactly what you are dealing with before you proceed.
That post seemed perfectly on-topic to me. The OP was obviously asking
whether JavaScript can be put into a jar file and signed, just like Java
can.
At least, I imagine that by "js file" it was meant "file with a .js
extension"....
Stewart.
Andrew Thompson wrote: On Wed, 06 Oct 2004 14:48:06 GMT, Andrey wrote:
Can i put my js file into jar and use jarsigner for that?
You can put Java classes into a jar and use Sun's jar signing
tool to give it extended privileges, but that will not work
with *Javascript*.
<http://www.physci.org/codes/javafaq.jsp#js>
Figure out exactly what you are dealing with before you proceed.
Andrew, my question is about JavaScript, not Java.
Maybe it confused you when i asked about signing jar file, but i've seen something on the internet
about calling javascript from a signed jar - yes, just client-side javascript code, not a Java
applet or anything else.
Ok, here's my problem - say i have a bunch of links on my web page and i need to show/hide them
depending on what files present on client's machine - so i want to do it using JavaScript/DHTML.
But to access client's resources(eg CD-ROM), i need to get special permissions, right?
So my question is if JavaScript code can be signed to get access to client's resources?
I've seen in a js book that UniversalBrowserRead (or something like that) permissions are required,
so my question is how do i do that?
Thank you in advance,
Andrey
Stewart Gordon wrote: Andrew Thompson wrote:
<snip>
You can put Java classes into a jar and use Sun's jar signing tool to
give it extended privileges, but that will not work with *Javascript*.
<http://www.physci.org/codes/javafaq.jsp#js>
Figure out exactly what you are dealing with before you proceed.
That post seemed perfectly on-topic to me. The OP was obviously asking
whether JavaScript can be put into a jar file and signed, just like Java
can.
You are right :) But more generally i've asked if there is a way to enable javascript access to a
local resource (hard-drive or cd-rom)
Do you know anything about this?
At least, I imagine that by "js file" it was meant "file with a .js
extension"....
That's perfectly true :)
Thank you
Andrey
"Andrey" <le*******@yahoo.com> wrote in message
news:WpU8d.341509$Fg5.329447@attbi_s53... Andrew Thompson wrote: On Wed, 06 Oct 2004 14:48:06 GMT, Andrey wrote:
Can i put my js file into jar and use jarsigner for that?
You can put Java classes into a jar and use Sun's jar signing
tool to give it extended privileges, but that will not work
with *Javascript*.
<http://www.physci.org/codes/javafaq.jsp#js>
Figure out exactly what you are dealing with before you proceed.
Andrew, my question is about JavaScript, not Java.
Maybe it confused you when i asked about signing jar file, but i've seen
something on the internet about calling javascript from a signed jar - yes, just client-side
javascript code, not a Java applet or anything else.
Ok, here's my problem - say i have a bunch of links on my web page and i
need to show/hide them depending on what files present on client's machine - so i want to do it
using JavaScript/DHTML.
But to access client's resources(eg CD-ROM), i need to get special
permissions, right? So my question is if JavaScript code can be signed to get access to
client's resources?
I've seen in a js book that UniversalBrowserRead (or something like that)
permissions are required, so my question is how do i do that?
Thank you in advance,
Andrey
Perhaps a modification of the following?
<html>
<head>
<title>if_file.htm</title>
</head>
<body>
<script type="text/javascript">
var wNT = "C:\\WinNT\\system.ini";
var w98 = "C:\\Windows\\system.ini";
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
if (oFSO.FileExists(wNT)) alert(wNT);
if (oFSO.FileExists(w98)) alert(w98);
</script>
</body>
</html>
McKirahan wrote:
<...>
Perhaps a modification of the following?
<html>
<head>
<title>if_file.htm</title>
</head>
<body>
<script type="text/javascript">
var wNT = "C:\\WinNT\\system.ini";
var w98 = "C:\\Windows\\system.ini";
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
if (oFSO.FileExists(wNT)) alert(wNT);
if (oFSO.FileExists(w98)) alert(w98);
</script>
</body>
</html>
Right, that's exactly what i want to do, but the problem that IE will not allow to run this script
on client machine because of security issues.
So i need to make this javascript 'trusted', and that's my question - how?
Thank you,
Andrey
Signed JavaScript technology (.js in .jar) has been implemented in 4th
Netscapes and died with them. Starting 5th version (AKA 6th) they dropped
it. IE never supported it. Also even then you would not get the disc access,
it was all for "little" privileges: chromeless windows, off-screen
positioning etc.
You may start with a simple BlahBlah.hta page
If user grants permission on request, you can create an FileObject and go
on.
Also put a complain form on the same page ("My X browser doesn't work, what
a hell?")
If you collect at least 40-50 nasty ones, you may consider to buy a code
signing cert and mess up with signed applets/ActiveX. Up to that point HTA
would be sufficient.
:-)
:-|
"Andrey" <le*******@yahoo.com> wrote in message
news:M9V8d.190998$MQ5.20101@attbi_s52... Right, that's exactly what i want to do, but the problem that IE will not
allow to run this script on client machine because of security issues.
So i need to make this javascript 'trusted', and that's my question - how?
Thank you,
Andrey
As VK suggested, try an HTA (HTML Application):
<html>
<head>
<title>if_file.hta</title>
</head>
<body>
<script type="text/javascript">
var wNT = "C:\\WinNT\\system.ini";
var w98 = "C:\\Windows\\system.ini";
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
if (oFSO.FileExists(wNT)) alert(wNT);
if (oFSO.FileExists(w98)) alert(w98);
</script>
</body>
</html>
McKirahan wrote: "Andrey" <le*******@yahoo.com> wrote in message
news:M9V8d.190998$MQ5.20101@attbi_s52...
Right, that's exactly what i want to do, but the problem that IE will not
allow to run this script
on client machine because of security issues.
So i need to make this javascript 'trusted', and that's my question - how?
Thank you,
Andrey
As VK suggested, try an HTA (HTML Application):
<html>
<head>
<title>if_file.hta</title>
</head>
<body>
<script type="text/javascript">
var wNT = "C:\\WinNT\\system.ini";
var w98 = "C:\\Windows\\system.ini";
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
if (oFSO.FileExists(wNT)) alert(wNT);
if (oFSO.FileExists(w98)) alert(w98);
</script>
</body>
</html>
Ok, it's closer. But if i launch this hta file, it pops a new blank window after the alert is ok'd.
But i need to integrate this into my existing web site, with no additional windows to popup.
VK wrote: Signed JavaScript technology (.js in .jar) has been implemented in 4th
Netscapes and died with them. Starting 5th version (AKA 6th) they dropped
it. IE never supported it. Also even then you would not get the disc access,
it was all for "little" privileges: chromeless windows, off-screen
positioning etc.
You may start with a simple BlahBlah.hta page
If user grants permission on request, you can create an FileObject and go
on.
Also put a complain form on the same page ("My X browser doesn't work, what
a hell?")
If you collect at least 40-50 nasty ones, you may consider to buy a code
signing cert and mess up with signed applets/ActiveX. Up to that point HTA
would be sufficient.
:-)
:-|
Well, hta don't work for me - when i load a hta page, it gives an option to Open/Download, which is
not clear for a user in the first place - our users are ... just users, if you know what i mean :)))
Also it pops a new blank window after i choose Open.
But the problem is that i may not change the structure we have, i may only add some functionality to
the existing aspx/html pages.
And i'm ok if i need to buy a certificate (from VeriSign?) - anyway my boss will be buying it, so i
don't care :)
But i need to get to the right direction with that - say, how can ActiveX help me?
I tried using the code McKirahan provided, but on html page not a hta, and got an error that
automation server can't create an object () - is it a permissions issue?
Error appeared while executing
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
Speaking about java applets - i use "tinyplayer" - free java applet for playing mp3's.
If i sign this applet and place in on the web page on the web server, it allows me to play files
from my local server (i put link like "http://localhost:81/file.mp3"), but if i give it a file:///
location it doesn't play - i guess also permissions...
So what about ActiveX? Where should it be placed?
Please please please any ideas!
Thank you in advance
Andrey
You can run Javascript code that accesses local resources like
ActiveXObject, etc., from within a web-page. You must put the code (js
files) in a signed CAB file.
I did this many years ago with Internet Explorer 4.x and 5.x. They
have have removed that priviledge in IE 6.0, but I'm not certain about
that.
-Kody
On 8 Oct 2004 14:18:29 -0700, Kody Brown wrote: You can run Javascript code that accesses local resources like
ActiveXObject, etc., from within a web-page. You must put the code (js
files) in a signed CAB file.
I can finally make sense of the OP's statement.
CAB files are for the MSVM exclusively.
I did this many years ago with Internet Explorer 4.x and 5.x. They
have have removed that priviledge in IE 6.0, but I'm not certain about
that.
...given they have removed the MSVM[1], it is not a
question of removing the 'privilege'..
[1] The MSVM is also actively being removed from remaining IE
(4/5 & 6) implementations that have it. I distribute a Java
tool that removes it[2], though there are a variety of ways
to remove or disable the MSVM.
[2] <http://www.physci.org/jvmclean.jsp>
--
Andrew Thompson http://www.PhySci.org/codes/ Web & IT Help http://www.PhySci.org/ Open-source software suite http://www.1point1C.org/ Science & Technology http://www.lensescapes.com/ Images that escape the mundane This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: LC's No-Spam Newsreading account |
last post by:
I asked a couple of days ago about the following arrangement
(simplified). I made some progress using
netscape.security.PrivilegeManager.enablePrivilege but still have to ask
some further help.
...
|
by: FatBo |
last post by:
Dear all,
I am writing a Javascript which print a page without prompting the
print dialog when the page is loaded. However, there is a warning box
prompted out because I am requesting the...
|
by: chanma |
last post by:
I have an num -569360386, and turn it into hex format.
I use toString(16),I get -21efc002.
But how can get 0xDE103FFE,which is to ignore the highest bit as the
signed bit?
|
by: =?iso-8859-2?B?SmFuIFJpbmdvuQ==?= |
last post by:
Hello everybody,
this is my first post to a newsgroup at all.
I would like to get some feedback on one proposal I am thinking about:
--- begin of proposal ---
Proposal to add...
|
by: jindalily |
last post by:
Hey guys,
I wasn't completely sure if this would be a Java or JS topic, but I thought it had more to do with Ajax and whatnot. Anyway, I have an embedded and signed Java applet on my page like so:...
|
by: lavie |
last post by:
I have a signed JAR which contains an HTML page and a .JS file full of various Javascripts.
I am attempting to call some of the JS from the HTML. I have tried both <script src="DnDTest.js"...
|
by: hello2008 |
last post by:
Hi,
I donot have much knowledge of R.Exp. In my web page I am required to validate numeric textboxes allowing signed/unsigned integer/float numbers and then compare between them. I need the...
|
by: JohnLorac |
last post by:
Hello,
I'm trying to load and write file on local disc drive using signed
javascript file. But I have experienced problem running this url:
...
|
by: CloudSolutions |
last post by:
Introduction:
For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
|
by: Faith0G |
last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome former...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: aa123db |
last post by:
Variable and constants
Use var or let for variables and const fror constants.
Var foo ='bar';
Let foo ='bar';const baz ='bar';
Functions
function $name$ ($parameters$) {
}
...
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
| |
