避免使用ActiveX来保存文件 [英] avoid ActiveX to save a file
问题描述
有一个函数从表中返回一个数组:
There is a function that returns an array from a table:
GetFilteredData: function()
/*====================================================
- returns an array containing filtered data:
[rowindex,[value1,value2,value3...]]
=====================================================*/
{
var row = this.tbl.rows;
var filteredData = [];
for(var i=0; i<this.validRowsIndex.length; i++)
{
var rowData, cellData;
rowData = [this.validRowsIndex[i],[]];
var cells = tf_Tag(row[this.validRowsIndex[i]],'td');
for(var j=0; j<cells.length; j++)
{
var cell_data = tf_GetNodeText(cells[j]);
rowData[1].push( cell_data );
}
filteredData.push(rowData);
}
return filteredData;
},
我使用此代码获取数据到CSV并将其直接保存到桌面:
I use this code to get the data to a CSV and save it straight to desktop:
<script language="JavaScript">
function WriteToFile()
{
var fso, s;
fso = new ActiveXObject("Scripting.FileSystemObject");
s = fso.OpenTextFile("exported.csv" , 2, 1, -2);
var colvals = tf_table1.GetFilteredData(true);
for (i=0; i<colvals.length; i++){
s.write(colvals[i] + '\r\n');
}
s.Close();
}
工作正常,但IE安全设置需要设置为Minimum(Internet选项 - >安全性)。有没有办法重写这段代码,以便它们可以在中(默认)设置上工作?
谢谢!
It works fine, however IE security settings need to be set to Minimum (Internet Options -> Security). Is there any way to rewrite this code so that they would work on Medium (Default) Settings?
Thanks!
推荐答案
为什么这需要提升权限?
JavaScript无法直接访问文件系统。您正在使用的 ActiveXObject 允许JS执行此操作。这很有道理,对吗?我们不希望网站对我们的文件系统具有写入权限,因为恶意用户可能会破坏数据或将恶意程序放在我们的计算机上。它来自地狱的偷渡式下载 。只有最受信任的网站才能拥有这种访问权限(可以说,任何网站都不应该这样做)。
Why does this require elevated privileges?
JavaScript cannot natively access the filesystem directly. The ActiveXObject you are using allows for JS to do that. It makes sense, right? We wouldn't want a website to have write access to our filesystem, because malicious users could possibly destroy data or put malicious programs on our computer. It'd be a drive-by download from hell. Only the most trusted sites should have that kind of access (and arguably, no website should be doing things like that).
我认为最好的办法是创建过滤后的CSV服务器端,并允许用户直接从服务器下载。如果用户应该将其放在特定的位置,您可以在下载之前编写他们阅读的说明。 (也许 http://ux.stackexchange.com 可以建议很好的这样做的方式)
I think the best thing for you to do is create the filtered CSV server-side, and allow the user to download it directly from your server. If the user is supposed to put it somewhere specific, you could write instructions that they read before downloading it. (maybe http://ux.stackexchange.com could suggest a nice way of doing this)
这篇关于避免使用ActiveX来保存文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
