douxing6434 2019-01-17 11:15
浏览 560

Chrome文件浏览器-访问完整路径

I understand that due to security reasons a browser doesn't allow me to access the full path of a file when selected via FileBrowser in a file input field.

Still, I am facing a problem where this feature is needed. Maybe someone can provide an alternative solution where I don't have to reinvent any wheels.

The situation is as follows.

  • The backend and the operating user have both access to the same filesystem.
  • The user has to pick one or multiple file location/s and inform the backend.
  • The backend will then schedule a task.
  • Meanwhile the file contents may be altered by the user but the location will remain the same.
  • The users browser is under our control. So we could use extensions if needed.

Questions

  • Is there any Chrome option that would circumvent the security barrier and allow me to access the full path?
  • Is there any helpful Chrome extension out there?
  • Is there any known alternative solution or "best practice" advise to this problem?
  • 写回答

1条回答 默认 最新

  • dongluobei9359 2019-01-17 13:37
    关注

    I don't understand why you'd want to be reusing either <input type="file"> or how you'd use the system filebrowser to be able to do this.

    Your problem statement would be much easier to solve if you simply listed the files available in a directory, and then performed an action based on that information.

    package main

import (
    "fmt"
    "io/ioutil"
    "log"
    "net/http"
    "net/url"
)

func main() {
    r := http.NewServeMux()

    r.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
        files, err := ioutil.ReadDir(".")
        if err != nil {
            log.Fatal(err)
        }

        out := "<ul>"
        for _, f := range files {
            v := url.Values{}
            v.Add("file", f.Name())
            out += fmt.Sprintf(`<li><a href="/do?%s">%s</a></li>`, v.Encode(), f.Name())
        }
        out += "</ul>"

        w.Header().Set("Content-Type", "text/html")
        fmt.Fprintf(w, out)
    })

    r.HandleFunc("/do", func(w http.ResponseWriter, r *http.Request) {
        fmt.Fprintf(w, r.URL.Query().Get("file"))
    })

    server := &http.Server{
        Addr:    ":8080",
        Handler: r,
    }

    if err := server.ListenAndServe(); err != nil {
        log.Fatal(err)
    }
}

    https://play.golang.org/p/bSgm4nAUUYg

    Note: This code is not production safe. You have to worry about people potentially accessing directories above where you are .., and all sorts of fun stuff that comes with sharing server information. But, it's just intended to help you get started.

    Then, you don't have to worry about what the browser is passing to you, you're completely in control.

    评论

报告相同问题?

悬赏问题

  • ¥50 永磁型步进电机PID算法
  • ¥15 sqlite 附加(attach database)加密数据库时,返回26是什么原因呢?
  • ¥88 找成都本地经验丰富懂小程序开发的技术大咖
  • ¥15 如何处理复杂数据表格的除法运算
  • ¥15 如何用stc8h1k08的片子做485数据透传的功能?(关键词-串口)
  • ¥15 有兄弟姐妹会用word插图功能制作类似citespace的图片吗?
  • ¥200 uniapp长期运行卡死问题解决
  • ¥15 latex怎么处理论文引理引用参考文献
  • ¥15 请教:如何用postman调用本地虚拟机区块链接上的合约?
  • ¥15 为什么使用javacv转封装rtsp为rtmp时出现如下问题:[h264 @ 000000004faf7500]no frame?