You are not going to get a work-around to a page being served by a web server not having access to the local file system, that would be a serious bug in the browser security model.
What you can do is have the webpage be a file on your drive, open that with a browser (locally, not via a web server) and make REST/AJAX calls to your web server returning JSONP encoded data. Even easier, just have the browser store your bookmarks in the cloud, you can do that with Safari, Chrome and Firefox. You wont be able to share bookmarks across browsers, but if you stick to Chrome you just need to sign into you goggle account on the computer you are using. No need for django/webservers/etc... in this case. François On May 22, 2014, at 2:51 PM, Aseem Bansal <asmbans...@gmail.com> wrote: > This bookmarker that I want to make will be th repacement for my webbrowser's > boomarks so I will be storing the bookmarks in sqlite DB. As per my > understanding using html5 local storage is more of a temporary storage. A > sqlite3 db will be portable hence keeping my bookmarks with me in case I want > to transfer computers. Didn't get what will be insecure?Storage into sqlite3 > db or turning off web browser's security? > > I am not going to hold it against the framework. I am just going to look for > a workaround. There is always a workaround. Client and server are on the same > machine and they will be even after this is complete so why cannot I just ask > the server to open the webpage? The security applies to browser's not > allowing file protocol but my project's code is Python and there is > webbrowser module available to server. Couldn't I just ask the server to open > the webpage? They are after all on same machine. Any problems in that or am I > missing something here? > > On Friday, May 23, 2014 12:03:09 AM UTC+5:30, C. Kirby wrote: > There are not really any workarounds, just different architecture - save your > bookmarks to the django project instead of on the local filesystem. You can > also look into using html5 local storage. Just note that either of these > architecture changes would mean rolling your own bookmark system instead of > utilizing the one you use now. It is fundamentally insecure to do it the way > you want to do it, and unlikely to be hacked around. > Sometimes projects fail due to outside forces or not completely understanding > the problem domain. This may be one of those cases, and that is unfortunate. > If this is your first experience with django, don't hold it against the > framework - the issue you have run into unequivocally has nothing to do with > django. You would run into the same issue using any web framework in any > language. > > On Thursday, May 22, 2014 1:22:18 PM UTC-5, Aseem Bansal wrote: > There has to be a workaround. Using webbrowser.open via a request to the > server on clicking? That's hacky but I started working on Django for this > project and if web browsers cannot do this then I made a wrong choice for > the technology to use for this project. > > On Thursday, May 22, 2014 11:46:49 PM UTC+5:30, François Schiettecatte wrote: > See my previous email, you can get chrome to launch with securities turned > off (and Chromium too with the same command line argument), but not Firefox > or Safari, not sure about IE. Not even sure if the flag I mentioned will help > in this specific case. > > And I am not sure about the wisdom of running a web browser with securities > off. > > Regardless this is not a django issue but a browser issue, so this is not the > forum for this question :) > > François > > On May 22, 2014, at 2:10 PM, Aseem Bansal <asmba...@gmail.com> wrote: > > > I had searched that but there should be a way to give permissions. The > > client can give the permissions. Can the client not? > > > > On Thursday, May 22, 2014 11:28:59 PM UTC+5:30, François Schiettecatte > > wrote: > > It would also help to know what is giving the error. > > > > I did a quick google search with the text of the error (which you could > > have done), it looks like browsers are not keen on accessing 'file://...' > > urls from a web page served by a web server, this for security reasons. For > > kicks, I embedded a link to 'file:///Users/francois/Sites/index.html' in a > > page served by the django sandbox web server ( 'python manage.py runserver' > > ), and none of the browsers I tried would access this file (Safari, FF, > > Chrome, IE). > > > > François > > > > On May 22, 2014, at 1:39 PM, C. Kirby <mis...@gmail.com> wrote: > > > > > Errors without code aren't very useful. If you provide the view and > > > template you are rendering it will give us something to latch onto and > > > debug > > > > > > Kirby > > > > > > On Thursday, May 22, 2014 12:23:06 PM UTC-5, Aseem Bansal wrote: > > > I understand the requirement of file protocol. That's how I keep > > > bookmarks in Chrome currently. But when I served the same as a hyperlink > > > I am getting Not allowed to load local resource: > > > > > > On Thursday, May 22, 2014 10:14:39 PM UTC+5:30, François Schiettecatte > > > wrote: > > > You can do this with a 'file://...' url, that will cause the browser to > > > open a file on the local file system, the browser won't need to ask for > > > permission, the only issue is that the files will need to be in a known > > > path. > > > > > > François > > > > > > On May 22, 2014, at 12:34 PM, Aseem Bansal <asmba...@gmail.com> wrote: > > > > > > > The server will not be able to open pages stored on client machine but > > > > the client user should be able to open html pages stored on client > > > > machine by clicking on a hyperlink manually. > > > > > > > > On Thursday, May 22, 2014 10:02:52 PM UTC+5:30, Aseem Bansal wrote: > > > > I want the the webpage served to the client machine from the server to > > > > have a hyperlink. The hyperlink will be for a html file stored on the > > > > client machine. After the webpage has been served to the client > > > > webbrowser then when the client user clicks on the hyperlink I want the > > > > html page to be opened in the webbrowser. The webbrowser can ask for > > > > the permissions if necessary. > > > > > > > > Basically I want a interface where I can manage my bookmarks - offline > > > > or online for which I am making this. So any ideas now? > > > > > > > > On Thursday, May 22, 2014 1:45:53 PM UTC+5:30, Daniel Roseman wrote: > > > > On Tuesday, 20 May 2014 19:29:06 UTC+1, Aseem Bansal wrote: > > > > I am working on a BookMarker project for managing my bookmarks. I was > > > > creating the search page for lisitng bookmarks as per categories. I hit > > > > a snag while testing it. I am unable to open locally stored webpages. I > > > > understand that it is for security purposes but is it possible > > > > (cross-browser way) to grant permissions for a app to open locally > > > > stored files? The app can ask for permissions for this. > > > > > > > > You'll need to be a bit clearer. Ignoring for the moment the fact that > > > > the client and the server are the same machine in development, are you > > > > hoping for your server to be able to open pages stored locally on your > > > > client? That's not going to be possible, for what I hope are obvious > > > > reasons. If that's not what you mean, you should explain in more > > > > detail. > > > > -- > > > > DR. > > > > > > > > -- > > > > You received this message because you are subscribed to the Google > > > > Groups "Django users" group. > > > > To unsubscribe from this group and stop receiving emails from it, send > > > > an email to django-users...@googlegroups.com. > > > > To post to this group, send email to django...@googlegroups.com. > > > > Visit this group at http://groups.google.com/group/django-users. > > > > To view this discussion on the web visit > > > > https://groups.google.com/d/msgid/django-users/7df2d6a2-dcc9-4551-8617-a4eb30003926%40googlegroups.com. > > > > > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > > > > -- > > > You received this message because you are subscribed to the Google Groups > > > "Django users" group. > > > To unsubscribe from this group and stop receiving emails from it, send an > > > email to django-users...@googlegroups.com. > > > To post to this group, send email to django...@googlegroups.com. > > > Visit this group at http://groups.google.com/group/django-users. > > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/django-users/4e5e9e63-0771-4a04-8cbc-91361106f81c%40googlegroups.com. > > > > > > For more options, visit https://groups.google.com/d/optout. > > > > > > -- > > You received this message because you are subscribed to the Google Groups > > "Django users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to django-users...@googlegroups.com. > > To post to this group, send email to django...@googlegroups.com. > > Visit this group at http://groups.google.com/group/django-users. > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/django-users/273a748c-5084-4c59-95eb-3a18210d4f21%40googlegroups.com. > > > > For more options, visit https://groups.google.com/d/optout. > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/77803bee-32d5-4e81-9316-877ebe1dd9de%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/85A03E26-3A83-4936-9870-5DE2FC17DA30%40gmail.com. For more options, visit https://groups.google.com/d/optout.
