Yann Guidon / YGDESHTTaP is meant to help integrate #YGWM with a web-based system, and there is more to it than serving files or sending commands to TCP widgets.
Any editor needs to read and write files from the local disk/storage and the chosen language/framework (HTML/JS) does not allow that. The web browser prevents scripts from doing it, for obvious security reasons !
Yet there is a solution. Or more precisely, it's a hack ! I have described it in an article in French:
"Accéder aux fichiers en JavaScript (ou le Cross-Site Scripting utile)" in GLMF#105 pp.42-54
This describes a dirty trick, using a PHP script along with a specially crafted HTML/JS page :
- To read a local file into the JS framework, tell the browser that you want to upload said file to the server. The JS part can't access at all the file contents but the server will reply with a JS-formatted string that is the exact copy of the file. Bazinga !
- To write a file to the local file system, the JS script will send the properly formatted data as a POST form. The server then transcode and reply with these data advertised as a binary blob of unknown type, which the server will understand as a file to save. Bingo !
Note : these manipulations usually require user interaction and are not inherently more unsafe than usual methods.
The PHP script was a pain to write and I'm glad to have a totally controlled environment (the HTTaP server) where I can process the data without layers of gotchas and poisonous sugaring...
The JS framework has evolved too and "binary blobs" now solve many of the encoding problems I have !
The "Loopback" feature should be a standard, user-configurable, option in the HTTaP protocol, with its own access key.
20170429:
Now, it seems that interactive websites use a technique similar to the loopback server. An example is the circuit simulator at http://www.falstad.com/circuit/circuitjs.html
I recently spotted an addition to the HTML5 standard at https://developer.mozilla.org/en-US/docs/Using_files_from_web_applications which looks promising but it doesn't seem to writte files, and support is yet untested and unknown. I hope that my system works with HTML4 clients.
Discussions
Become a Hackaday.io Member
Create an account to leave a comment. Already have an account? Log In.