XMLHttpRequest 是否接受文件协议? [英] Does XMLHttpRequest accept the file protocol?
问题描述
我正在尝试制作一个需要将本地设备上的文件转换为 javascript File 对象或 Blob 的 React Native 应用程序,但它有一个使用 file://协议的地址.根据这篇媒体文章,你可以使用 XMLHttpRequest 将 URI 转换为 Blob:
I am trying to make a react native application that requires converting a file on the local device into a javascript File object or Blob, but it has an address using the file:// protocol. According to this Medium article, you can use XMLHttpRequest to turn the URI into a Blob:
uriToBlob = (uri) => {
return new Promise((resolve, reject) => {
const xhr = new XMLHttpRequest();
xhr.onload = function() {
// return the blob
resolve(xhr.response);
};
xhr.onerror = function() {
// something went wrong
reject(new Error('uriToBlob failed'));
};
// this helps us get a blob
xhr.responseType = 'blob';
xhr.open('GET', uri, true);
xhr.send(null);
});
}
我想知道这是怎么可能的,如果有人可以给出解释,考虑到 URI 不使用 HTTP 协议?根据我能找到的任何文档,XMLHttpRequest 仅用于对服务器的 HTTP 请求?
I am wondering how this is possible and if someone could give an explanation, considering that the URI doesn't use HTTP protocol? According to whatever documentation I could find, XMLHttpRequest is only used for HTTP requests to a server?
推荐答案
XHR 将请求的模式设置为CORS" [ 永久链接, templink ]
XHR sets the request's mode to "CORS" [ permalink, templink ]
所以只允许 (permalink)
So are allowed only (permalink)
- same-origin 请求(包括
blob://
方案).[临时链接] data://
方案 [临时链接]HTTP(s)-schemes
[临时链接 ]
- same-origin requests (includes
blob://
scheme). [templink] data://
schemes [templink]HTTP(s)-schemes
[templink ]
现在,浏览器并不都同意 file://
来源应该如何相互关联.有些像 Chrome 会认为它是 opaque-origin,因此永远不会将它视为 same-origin 并且您将无法在此浏览器中从该方案中获取*.
在 Firefox 中,他们会认为 FileSystem 中同目录或更深层的任何资源都是 same-origin,因此您可以在那里获取它.
此外,有些有可用的安全提升,它们可能会允许脚本访问它,例如使用 --allow-file-access-from-files 将允许来自 file://
方案的请求执行此类请求.
Now, browsers don't all agree as to how file://
origins should relate with each others. Some like Chrome will consider it an opaque-origin, and will thus never treat it as same-origin and you won't be able to fetch from this scheme in this browser*.
In Firefox, they will consider that any resource in the same directory or deeper in the FileSystem is same-origin, so there you can fetch it.
Also, some have security lifts available where they may exceptionally allow scripts to access it, for instance starting Chrome with the --allow-file-access-from-files will allow requests from a file://
scheme to perform such requests.
这篇关于XMLHttpRequest 是否接受文件协议?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!