文件URL“不允许加载本地资源”在互联网浏览器中 [英] File URL "Not allowed to load local resource" in the Internet Browser

问题描述

我想用传统的ASP打开一个文件。我使用各种变量，因为事情可能会改变，但结果是正确的。我知道这是因为我已经通过复制linkadress并将其放入我的URL中来测试结果。现在的问题：如果我点击我的链接，它什么都不做。不是刷新，而是重定向。没有。有没有人知道我做错了什么？

好的，这笔交易。我的文件并不总是本地的，这取决于我所处的环境。如果我复制粘贴我的url的结果，它会下载。如果我点击我的网址，它不会回应。有任何想法吗？浏览器问题？ （虽然我测试过5个浏览器）还是其他什么？我真的被困在这里，互联网似乎没有在我身边。

我有3个环境。这里的变量是这样的，以便链接工作。我知道链接的工作原理，因为我通过复制来测试它。是的，它确实以 file：/// 开头，而且我确定链接是正确的。

这是我的代码行：

  response.write（< td class ='tab_kolom2'>< a href ='& rootRs（pre_rootpad）&rootRs（rootpad_protocollen）&\& overzichtRs（Formuliernr）&\Uitvoeringsoverzicht.xls'target ='_ blank'download>点击这里< / a>< / td>）
  

---

编辑：错误/结果链接截图

解决方案

现在我们知道实际的错误可以形成一个答案。

不允许加载本地资源

是Chrome和其他现代浏览器中内置的安全性异常。措辞可能会有所不同，但以某种形式或形式出现，它们都有安全例外来处理这种情况。

过去，您可以覆盖某些设置或应用某些标志，如

 
 --disable-web-security --allow-file-access-from-files --allow-file-访问Chrome 中的
 

（请参阅 https://stackoverflow.com/a/22027002/692942 ）

一个原因

在这一点上，尽管值得指出的是，这些安全例外的存在是有原因的，试图绕过它们并不是最好的主意。 / p>

还有另一种方法

由于您已经可以访问Classic ASP总是可以构建一个中间页面来提供基于网络的文件。您可以使用 ADODB.Stream 对象和 Response.BinaryWrite（）方法的组合执行此操作。这样做可以确保您的网络文件位置永远不会暴露给客户端，并且由于脚本的灵活性，它可用于从多个位置和多种文件类型加载资源。

这是一个基本的例子（ getfile.asp ）;

 <％
 Option Explicit 
 
 Dim s，id，bin，file，filename，mime 
 
 id = Request.QueryString（id）
 
'id可以是任何东西，只要将它用作识别要返回的
'文件的键即可。它可以是一个简单的Case语句，如
'，甚至可以从数据库中提取。 
选择案例编号
案例TESTFILE1
'文件，mime和文件名可以被构建，无论如何他们不需要
'必须被硬编码。 
 file =\\server\share\Projecten\Protocollen\346\Uitvoeringsoverzicht.xls
 mime =application / vnd.ms-excel
'下载资源时要显示的文件名。 
 filename =Uitvoeringsoverzicht.xls
 
'假设其他文件
 Case ... 
结束选择
 
如果Len（文件和放大器;）> 0然后
 Set s = Server.CreateObject（ADODB.Stream）
 s.Type = adTypeBinary'adTypeBinary = 1请参阅有用链接
调用s.Open（）
调用s.LoadFromFile（文件）
 bin = s.Read（）
 
清理流和空闲内存
调用s.Close（）
 Set s = Nothing 
 
'根据mime变量设置内容类型标题
 Response.ContentType = mime 
'控制如何使用
返回内容Content-处置HTTP标头。使用附件强制资源
'提示客户下载，而内联允许资源
'下载并显示在客户端（用于返回图像
'作为 src的< img>标记）。 
调用Response.AddHeader（Content-Disposition，attachment; filename =& filename）
调用Response.BinaryWrite（bin）
 else 
'返回一个404 if没有文件。 
 Response.Status =404未找到
结束如果
％> 
  

^{这个例子是伪代码，因此未经测试。}

这个脚本可以在< a> 中用来返回资源;

$ b

 < a href =/ getfile.asp？id = TESTFILE1>点击此处< ; / A> 
  

可以进一步采用这种方法并考虑（特别是对于大文件）使用 Response.IsConnected 来读取文件块以检查客户端是否仍然存在，并检查 s.EOS 属性以检查当数据块正在读取时，数据流结束。您也可以添加querystring参数来设置您是否希望文件返回内嵌或提示下载。

---

< h3>有用的连结

• 
  使用 METADATA 导入DLL常量 - 如果您在获取 adTypeBinary时遇到问题被识别，总是更好，然后只是硬编码 1 。




• 内容处理：内联和附件之间有什么区别？ - 有关如何 Content-Disposition 在客户端上运行。

I've got a major brainteaser.

I want to open a file in classic ASP. I'm using various variables because things can change but the outcome is correct. I know this because I've tested the outcome by copying the linkadress and placing it in my URL. Now the problem: If I click my link it doesn't do anything. Not a refresh, not a redirect. nothing. Does anyone know what I did wrong?

Ok here's the deal. My file isn't always local, it depends on what environment I'm on. If I copy-paste the outcome of my url it does download. If I click my URL it doesn't respond. Any ideas? Browser problem? (although I've tested 5 browsers) Or anything else? I'm really stuck here and the internet does not seem to be on my side.

I've got 3 environments. The variables underneath here are so that the link works. I know the link works because I've tested it by copying. And yes, it does begin with file:/// and yes I'm sure the link is right.

Here's my line of code:

response.write("<td class='tab_kolom2'><a href='"&rootRs("pre_rootpad")&rootRs("rootpad_protocollen")&"\"&overzichtRs("Formuliernr")&"\Uitvoeringsoverzicht.xls' target='_blank' download>Click here</a></td>")

---

EDIT: Screenshot with error/outcome of link

解决方案

Now we know what the actual error is can formulate an answer.

Not allowed to load local resource

is a Security exception built into Chrome and other modern browsers. The wording may be different but in some way shape or form they all have security exceptions in place to deal with this scenario.

In the past you could override certain settings or apply certain flags such as

--disable-web-security --allow-file-access-from-files --allow-file-access

in Chrome (See https://stackoverflow.com/a/22027002/692942)

It's there for a reason

At this point though it's worth pointing out that these security exceptions exist for good reason and trying to circumvent them isn't the best idea.

There is another way

As you have access to Classic ASP already you could always build a intermediary page that serves the network based files. You do this using a combination of the ADODB.Stream object and the Response.BinaryWrite() method. Doing this ensures your network file locations are never exposed to the client and due to the flexibility of the script it can be used to load resources from multiple locations and multiple file types.

Here is a basic example (getfile.asp);

<%
Option Explicit

Dim s, id, bin, file, filename, mime

id = Request.QueryString("id")

'id can be anything just use it as a key to identify the 
'file to return. It could be a simple Case statement like this
'or even pulled from a database.
Select Case id
Case "TESTFILE1"
  'The file, mime and filename can be built-up anyway they don't 
  'have to be hard coded.
  file = "\\server\share\Projecten\Protocollen\346\Uitvoeringsoverzicht.xls"     
  mime = "application/vnd.ms-excel"
  'Filename you want to display when downloading the resource.
  filename = "Uitvoeringsoverzicht.xls"

'Assuming other files 
Case ...
End Select

If Len(file & "") > 0 Then
  Set s = Server.CreateObject("ADODB.Stream")
  s.Type = adTypeBinary 'adTypeBinary = 1 See "Useful Links"
  Call s.Open()
  Call s.LoadFromFile(file)
  bin = s.Read()

  'Clean-up the stream and free memory
  Call s.Close()
  Set s = Nothing

  'Set content type header based on mime variable
  Response.ContentType = mime
  'Control how the content is returned using the 
  'Content-Disposition HTTP Header. Using "attachment" forces the resource
  'to prompt the client to download while "inline" allows the resource to
  'download and display in the client (useful for returning images
  'as the "src" of a <img> tag).
  Call Response.AddHeader("Content-Disposition", "attachment;filename=" & filename)
  Call Response.BinaryWrite(bin)
Else
  'Return a 404 if there's no file.
  Response.Status = "404 Not Found"
End If
%>

^{This example is pseudo coded and as such is untested.}

This script can then be used in <a> like this to return the resource;

<a href="/getfile.asp?id=TESTFILE1">Click Here</a>

The could take this approach further and consider (especially for larger files) reading the file in chunks using Response.IsConnected to check whether the client is still there and s.EOS property to check for the end of the stream while the chunks are being read. You could also add to the querystring parameters to set whether you want the file to return in-line or prompt to be downloaded.

---

Useful Links

• Using METADATA to Import DLL Constants - If you are having trouble getting adTypeBinary to be recongnised, always better then just hard coding 1.

• Content-Disposition:What are the differences between "inline" and "attachment"? - Useful information about how Content-Disposition behaves on the client.

这篇关于文件URL“不允许加载本地资源”在互联网浏览器中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！