Question

External Link, error when opnening file by url

0

Hi, I need to open files from an external drive by my browser without uploading them to the Mendix server. To achieve this, I created the following solution: 1) An domain model object ExternalFileLocation contains url's as strings to external files 2) A screen containing a TemplateGrid depicting the url's as External Links When I add the following url to my domainmodel: file:///<driveletter>://<path>/<filename> and click on the External Link, I get the following error: Illegal Url: Note that for security purposes, local files can not be accessed Is there a possibility to surpass these security setting? If not, what is an alternative route to get the same solution? Kind regards, Rolf

asked 2013-02-13

Rolf Bolt - Infer

5 answers

Mike Kumpf · Answer 1 · 2013-02-13

Rolf, You would get this error from any web server (Mendix in this case) trying to access a local or network attached directory or file. The reason it works in another browser tab is that you are authenticated on your network and accessing the file from within the network when you paste the URL into an empty browser tab. However, Mendix tries to access this file from the outside of your network and can't get to it, for security reasons. Said another way, the url you mention above: file:///<driveletter>://<path>/<filename> only has meaning within your network, or on your local machine. And even if Mendix is running on that server, for security reasons, it is unable to access local directories or files.

In the scenario you described above, one solution would be to make the network drive the documents are scanned to accessible via the web using a simple web server, Sharepoint, etc. Once you've done that, the files would be accessible via a public URL that Mendix should be able to access, assuming that the webserver doesn't require credentials for access.

Mike

Michel Weststrate · Answer 2 · 2013-02-14

As already said by Mike, this has nothing to do with Mendix, but with basic security about how browser work. If browsers would allow this, that would mean I would now be able to read your harddisk because you are currently visiting our website. I guess you wouldn't like that.

An easy work around is to use the external link widget, and make the browser opening the file in a new window. Because that window is not already assigned a certain domain (mendix.com) it is allowed to open the file from your harddisk, as the initiating application (mendix.com) would never be able to read any response.

Mike Kumpf · Answer 3 · 2013-02-13

I don't think you can get around this - its a browser security feature on all browsers to prevent websites from snooping around your computer looking for files without your knowledge. Only solution I can think of is to put the files into a web based document management tool of some sort. This repository would then be accessible via a URL. Would be curious to know, as Bas asked, more about what capability you are trying to offer your users.....

Rolf Bolt - Infer · Answer 4 · 2013-02-13

It's not the browser security but a Mendix error message! When I copy paste the url into another browser tab, I get the file instantly!

It seems that Mendix has prevented the opening of files in a browser by using a file reference to a disk. So, if you have any suggestions it would be very welcome!

What its for? My customer does have a store where trucks are delivering cargo. Each delivery is accompanied by a packing slip and a quality certificate. Two issues arise:

1) The warehouseman has no time filing the slips and certificates in the Mendix application at the moment of unloading the trucks. However, this information should be as soon as possible available to the people who are using the information on the documents. Current way of dealing is to put the documents on a scanner and filing them on a networkdrive en let the warehouseman phone the document receivers. Telephoning is often forgotten...

2) The certificates are bulky documents sometimes about 50 or 60 pages generating a lot of gigabites.

My solution would be:

1) let the documents be filed on the network drive

2) let the scanner sending an email with the document name to an emailadress where it will be read by the Mendix application

3) create hyperlinks in Mendix to the file location of the external networkdrive

4) notify the document users

That way, the files are still on the network drive, and people in the organisation get the information as soon as possible without adding a lot of gig's to Mendix.

Rolf Bolt - Infer · Answer 5 · 2013-02-13

Hi Mike,

Thanks for your answer! I've done some testing and you are right. The browser security prevents opening the file. For the time being I'll change de firefox security setting so I can move on with my development. Later on, I will implement the webserver.

For those that are interested in tweaking the FireFox security setting (and still be secure), follow the next steps:

1) backup prefs.js
- Press [Windows Key]+[R] → Type in %APPDATA% → click OK
- find the prefs.js file somewhere at ...\Roaming\Mozilla\Firefox\Profiles\
- copy / paste prefs.js (see for details: http://kb.mozillazine.org/Profile_folder)

2) create user.js
- create an empty file called user.js in the same directory
- add the following lines:

userpref("capability.policy.policynames", "localfilelinks"); userpref("capability.policy.localfilelinks.sites","http://localhost:8080"); user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess");

The user_pref 'sites' ensures that only trusted sites are allowed to open local files. It can store multiple sites, so the acc and production rollouts on the mendix server can be added as well (space separated!!!)