set iframe src to file input value?

[Chris Riesbeck]

I assume the answer to this is "no" with no workarounds, but just checking.

I have a page I open locally from my filesystem for "scrubbing"
Microsoft Word generated junk from HTML. In Firefox 2, I could simply
click on a Browse button to pick a file. The Javascript would set the
SRC of an IFRAME to that file (mangled to file: form), get the content,
scrub it, and dump the output in another window for saving.

In Firefox 3, this doesn't work because FILE INPUT value is just the
file name, e.g., foo.html, not the entire path. I understand why this is so.

I tried giving my HTML file UniversalBrowserRead capability, though I
may have done that wrong. It didn't help. Should that work? Is there an
alternative? Or am I back to the older interface where I to copy and
paste the HTML manually from a text editor?

 

[Thomas 'PointedEars' Lahn]

In Firefox 2, I could simply click on a Browse button to pick a file. The
Javascript would set the SRC of an IFRAME to that file (mangled to file:
form), get the content, scrub it, and dump the output in another window
for saving.

In Firefox 3, this doesn't work because FILE INPUT value is just the file
name, e.g., foo.html, not the entire path. I understand why this is so.

I tried giving my HTML file UniversalBrowserRead capability, though I may
have done that wrong.

You need to set the pref `signed.applets.codebase_principal_support'
to `true' (default is `false') for privilege requests to work. Then

netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead")

does not throw an exception. But it does not seem to help with the `value'
property either, nor does attempting to get any other privilege.

It didn't help. Should that work?

Apparently not.

Is there an alternative?

A) Using input.files[0].getAsText("target-encoding") to set
iframe.contentDocument.body.textContent and the like. Turns out you
can even use getAsBinary() or getAsDataURI() without requesting
any privileges. That's quite a security logic, isn't it?

B) Submitting a bug report, or voting on an existing bug that targets this
pointless misbehavior.

Or am I back to the older interface where I to copy and
paste the HTML manually from a text editor?

Unlikely, although I consider this crippling input[type=file] and even XHR
beyond use for scripting a major bug. There is no good reason why that
needs to be, especially not security: from my filesystem, I should be
allowed to do everything that the OS permissions of my user account would
allow me to do.


PointedEars

 

[SAM]

Chris Riesbeck a écrit :

I assume the answer to this is "no" with no workarounds, but just checking.

I have a page I open locally from my filesystem for "scrubbing"
Microsoft Word generated junk from HTML. In Firefox 2, I could simply
click on a Browse button to pick a file. The Javascript would set the
SRC of an IFRAME to that file (mangled to file: form), get the content,
scrub it, and dump the output in another window for saving.

In Firefox 3, this doesn't work because FILE INPUT value is just the
file name, e.g., foo.html, not the entire path. I understand why this is
so.

I tried giving my HTML file UniversalBrowserRead capability, though I
may have done that wrong. It didn't help.

It's not the alone bug about path of local files in this version of Fx
:-(