I would like to change the default location use by the browser when uploading a file.
I mean I have a website and when the client clic on upload file, I would like to point to a target directory (ie Downloads) instead of Desktop.
How can I do it ?
My website use Flask / Python
That's probably impossible. It's the client who choose's where to save data not the server.
You'll need to know the computer's folders paths. And that's called Hacking wich is illegal.
Related
I'd like to build an application (local, not online) by using front-end web technology for the UI, the application simply displays PDFs and has a few text fields for the user to fill in with regards to the current PDF they're viewing, the user can then export their notes and a file path to the document in CSV file format.
comment about file, some more notes, C:\somefolder\doc1.pdf
comment about file, some more notes, C:\somefolder\doc2.pdf
My first issue, JavaScript can't access the local file system, so I used a file upload form which worked except the filepaths were shown as blob filepaths and not the actual system file path. Other than that my "application" worked as intended.
I went and learned Flask in hopes of using python for the back end, which works great except when I pass in the file path to the pdf C:\SomeFolder\doc1.pdf inside the 'src' attribute for an Chrome says it can't access local files. SO I'm back to sqaure one!
How can I go about building this application with local file access?
If you need to access the local files, you can create an endpoint in flask that launches a file dialog GUI. This only works because you application is hosted locally. You can use either tkinter or the native windows API using win32ui.
Assuming you are using the standard Flask format:
from app import app
#app.route('/file_select', methods=['GET', 'POST'])
def file_select():
from tkinter import Tk
from tkinter.filedialog import askopenfilename
root = Tk()
root.withdraw()
# ensure the file dialog pops to the top window
root.wm_attributes('-topmost', 1)
fname = askopenfilename(parent=root)
return jsonify({'filepath': fname})
or using the win32ui API
#app.route('/file_select', methods=['GET', 'POST'])
def file_select():
import win32ui
winobj = win32ui.CreateFileDialog(1, ".pdf", "", 0,
"PDF Files (*.pdf)|*.pdf|All Files (*.*)|*.*|")
winobj.DoModal()
return jsonify({'filepath': winobj.GetPathName()})
Now just add a button that points to the /file_select route and you will open a file dialog via the python local server and return the selected file.
Assuming you are accessing the page via http://localhost:8080/page or something like that, you should serve your content via that approach. Effectively, rather than serving the files as paths on the local file system, you would create an application route and associate it with a handler than retrieves the appropriate PDF from the local filesystem, and then sends back a response containing Content-Type: application/pdf in the HTTP response headers and the bytes of the PDF file in the response body.
To avoid duplicating someone else's solution for the approach described about, I would recommend taking a look at this answer for "Flask handling a PDF as its own page".
Because you are technically sending the response back from localhost -- or whatever name you are serving it with -- rather than trying to load a local file directly from the client's web-page, Chrome shouldn't throw any complaints.
Of course, it's worth noting that best practices should be taken when determining the file to load, if this were going to be anything more than a learning project. In any legitimate system that did this kind of thing, it would be necessary to perform checks on the requested files to ensure a malicious user does not abuse the application to leak files from the local filesystem, beyond those files which are intended to be served. (To that end, you typically might have the src element contain a parameter that is set to the hash/unique ID for the file which is then mapped via some database to the correct path of the file. Alternatively, you might use a param in the src that contains the name of the file without the full path, and then check that the user-provided value for that parameter in the request does not contain any characters outside of a charset like [a-zA-Z0-9_-].) Ultimately, it sounds like this particular warning doesn't apply to your case, but still providing it in case anyone else reads this in the future.
I think mht is exactly what you want. mht is a file extension recongnized by IE. Internally it is an HTML file. IE (only) treats a mht file with the same security restrictions that a exe might have. You could access the file system, delete a file, display a file etc.. It is everything that html/javascript security was trying to prevent. Now that IE has changed significantly I don't know what the support for this is nowadays. I couldn't find a reference page to give you a link, but it is simple enough - just save a html file with an mht extension
I'm working on a demo for a program that creates some files on its own directory. This demo will be shown to someone physically far, via VPN, so I made a simple django project just to receive an input, call some scripts and display the output - the generated file. However, I don't have permission to open the file to display it since it's on a directory outside of the django project (the result is a permission denied error).
I'm aware it's not good practice or even safe for a web server to have access to files outside of its directories, but since this will run in a closed environment for a short amount of time only, is there a workaround?
Think of it this way - If web server can generate the files , it can display them also.
As for your answer - if you know the path of the file, use the python open built in method to open the file and render the result to a template.
data = open('file_path').read().decode('utf-8')
render(request, template, context={data:data})
I'd like to download multiple files from a single website, but the biggest quirk I have is that the server automatically generates a random filename upon requesting the file to download. The issue here is then I won't know which file is which, without having to manually go through each file. However, on the site that has the links to download the files, they all have a name. For example...
File name -> Resultant file name(fake file names)
Week1.pdf 2asd123e.pdf
Week1_1.jpg dsfgp142.jpg
.
.
Week10.pdf 19fgmo2o.pdf
Week11.pdf 0we5984w.pdf
If I were to download them manually by myself, I would type click "download" and a popup "Save as" menu comes up, which gives me the option to change the file name manually, then click ok to confirm the download, to which it starts downloading.
Currently, my code is made to open up the website, log into my account, go to the files page, and then find a file, with it's corresponding server request link. IE: . I am able to store the name of the file, "Week1.pdf" into a variable, and click on the request link, but the only problem is that the Save as menu, doesn't have the ability to change the name of the filename, and only gives me the option to view the file, or Save the file immediately. I've looked around a little, and tried to play around with the Firefox profile settings, but nothing has worked. How would I go about solving this problem?
Thanks
I can think of a few things that you might try...
After the file is saved, look in the downloads folder for the most recently saved file (with the correct extension) using time stamps. This will probably be OK as long as you aren't running this threaded.
Get the list of files in the download directory, download the file, find the file that doesn't exist in the list of files. Again this should be safe unless you are running this threaded.
Create a new folder, set the download directory to the newly created folder, download the file. It should be the only file in that directory. As far as I know, you can only set the download directory before creating the driver instance.
In each of these cases, if you plan to download multiple files I would rename each file as you download them or move them into some known directory to make it easier on yourself.
There's another method I ran across in another answer.
I'm writing a Python script that works with images on the user's computer, my plan is to display these images on a webpage via bottle.py (which can change if need be) on localhost. The images and the script could be located anywhere, however serving from localhost doesn't allow me to display images with a file:/// path for security reasons, so I'm stuck as to how I can achieve this. I basically want bottle's static_file function but with multiple files and within a HTML template. Is this at all possible without moving the images?
No, the browser sandbox won't and shouldn't allow this. Think about it this way: if you were able to display images from the user's computer without his explicit approval, they would be part of the DOM and what would stop a script from manipulating them or sending to a server without the user's knowledge?
I created new directory via 'myimages' under static directory. And whenever user upload files, file get stores in that directory. Once file uploaded I can access that on html using '/static/myimages/imagename.png'. It works fine whenever I am uploading new image. But whenver I try to override image. It shows me old image only.
I manually check in directory. It has new image, but still when I try to access that via browser, it gives me old image.
This sounds like your browser is caching the images. Try setting the cache_max_age=0 on your add_static_view, or viewing the page in your browser's incognito mode where it'll use a different cache.