[Javascript] Using FileSystemObject when on-line

Rodney Myers rodney at aflyingstart.net
Wed Jun 19 14:41:57 CDT 2002 

Further tests conducted today were around the issue of the use of the file now
successfully written to hard disk after changing the trusted sites settings.

The file will be a .js file but it will be on the local hard disk while the site is
at a remote http location.

I had thought that I would have to have users define a folder to which the file could
be written using a windows path, while the same file would be picked up as an
included script file with an http://localhost address by making a virtual directory
in PWS/IIS/Apache. However a colleague prompted me to try the inclusion with a
windows address so that no local webserver would be required if the format worked.

This did work, somewhat to my surprise not only when the htm file was local but also
when remote:

<script src="C:\allsites\MC4PROJ\dfr\pages\test.js" language="JavaScript"></script>

Although Netscape will not feature in this development due to having no built in
Active_X handling I could not resist trying a test file in Netscape, using its own
file format, which also worked in 4.x and 7 (Preview):

<script src="file:///C|/allsites/MC4PROJ/dfr/pages/test.js"
language="JavaScript"></script>

If it was important, one could script the inclusion to suit the detected browser.

BTW, the written file will contain customer and order information and, after some
hard scripting, will have the effect of "extending the cookie system" (It is
technically nothing at all to do with cookies but functionally there is some
similarity) so that all customers the salesperson sees will have data available.
Another file will contain a data array of customer names and the corresponding file
names which will be used to generate links to facilitate choice of customer data to
'load'


hth somebody

Rodney



Rodney Myers wrote:

> Per,
>
> You are right on target!
> Yes IE5.0+ is required to run FileSystemObject and there is no worry about that
> since the users must all be personally briefed on set-up.
>
> I added the website root address to trusted sites using
> Tools -> Internet options
> Since the site was http and not https I also had to uncheck the box that required
> https checking.
>
> Then I ran the page successfully.
>
> Of course there is a warning about the danger of the Active X object that is
> automatically generated by the browser. Often Norton Anti Virus chips in to warn
> and stop/restrict useage of the script.
>
> For the users, the trusted site will be that of their employer.
>
> Thank you very much! And thanks to PB also for highlighting the security issue.
>
> Rodney

More information about the Javascript mailing list