Allows Tampermonkey in Safari to acces files on my computer - safari

How can I use #require using Tampermonkey in Safari?
If I use it, and point to the .js file on my file system, that javascript never gets executed. Presumably because I need to allow Tampermonkey to access files on my file system. How can I do that? I am looking for an option similar to this one in Chrome:

Short answer, you can't.
To the best of my knowledge, Safari blocks every attempt of extension to access local files. The only place extensions have access is the baseURI of the extension and it's subfolders. I wrote my own extension and tried to change JS files in the baseURI folder manually, to see if the user script changes accordingly. It doesn't. Safari keeps a copy of it's current state and ignores any changes made to the baseURI, unless you click reload extension command.

Related

How to read files from anywhere with vue.js

I am trying to read files from my music directory on my PC.
I have tried doing it with the node.js file system module, but it is not working. How do I get it to work?😢
Just a late follow-up. It is possible to read and write files using HTML5 with the FileReader and saveAs(). The browser will open a file dialogue and let the user choose the file, so the user is aware of the file access. It is not possible to read or write to a file without the user's attention.
https://developer.mozilla.org/en-US/docs/Web/API/FileReader
As said by #flame in a comment, it's just impossible, because the browser never have access to the visitor's disk (do you imagine the security issue if it was the case ?).
Vue.js is a Front-end framework, so the application it produces only have access to what the browser has access to.

How to set and verify file's origin?

Can you guys suggest any method for my below problem?
I am developing an application which requires users to download an excel file, modify some content and upload exactly the same file they just download.
The requirement started from the fact that there is macro inside the excel file (which can be changed often), hence I try to make sure they always download and do works with the latest version. Then have to upload that file again.
My system is a web-based application for your reference.

Access Web Inspector in Safari with Applescript

I'm trying to create an Applescript script which essentially downloads files from Safari. However, the files are not available for download via the web page, so I usually open up the Web Inspector and then go to Resources and then in a folder called Other, download the file.
I've been searching the web for a method to do this via Applescript, but to no avail. My question is therefore: How can I access the Web Inspector > Resrouces > Other files in my current Safari window? I know that it is possible to bring up the Web Inspect using ⌥⌘I, and then you can change pane inside of the Inspector using ⌘]. But I can't get focus on the list of Resources Files, as shown below:
Is it possible to access this .mp3 file inside of the Other folder without using shortcut commands? And if not/if so, how can I access the Other folder inside of this window pane?
Thanks for your help in advance.
Is it possible that you can access the .mp3 file some other way? Rather than using the Web Inspector, perhaps you can find the link to the .mp3 file within the page source code, and then download it.
If you want to access the "Other" folder, then you will have to copy the web address you need it for, reset safari, go to the web page via the html bar and then open up the web inspector via alt>cmd>I and it should be there.Not sure what Apple Script has to do with anything (But I have never used it :P)
Hope this helps

One Click install for Safari Extensions

When a user downloads a plugin firefox (for example) the plugin installation begins as soon as the download has completed.
Is it possible to achieve the same thing in safari? i.e. user clicks link to download plugin, once it has downloaded it automatically begins the installation.
I don't think this is possible to do on any other domain except extensions.apple.com.
I've done some extensive testing on this and the safari.installExtension() method is only present if the domain matches extensions.apple.com (probably controlled by the browser, similar to how certain Chrome APIs only shows up inside of extensions themselves).
I tested this theory by going to the JS file itself and opening the JS console:
https://extensions.apple.com/home/scripts/extensionInstall.js
After that JS file has loaded, type typeof(safari.installExtension) in the JS console and it should return "function". Notice that it exists on a non-HTML page, meaning it's being provided by the browser (since this script doesn't execute, nor has the code in it to provide this method).
I tried doing this on other sites and it doesn't exist: "undefined".
I also had a crazy thought that it just needs extensions as the subdomain, so I tested it on http://extensions.joomla.org too, no dice. I can't seem to find an extensions sub-domain that's SSL though. That may work, but I seriously doubt it as the method appears to be regulated to only show up when on Apple's specific extensions sub-domain.
No solution for that here, but maybe this can help?
In apple extension gallery at https://extensions.apple.com the extensions do install in one click, and i wanted to achieve the same in a website of mine, so i went and checked their JS source code.
A javascript file there defines a "ExtensionOneClick" Object (https://extensions.apple.com/home/scripts/extensions.js).
A method is dedicated to installing extensions:
// href : path to the extension ".safariextz" file
// id : com.whatever.myextension-<safaridevelopper10charsid>
safari.installExtension(id, href);
I tried to replicate this on my website, but i get "safari is undefined", so I guess a site specific hack in Safari is helping here?

Preventing direct access to files in IIS 7

I have a PHP application running on a Micrisoft IIS 7 server. The application shows PDF files on an iFrame, which contains user's sensitive data that I wouldn't like to be directly accessed by anyone that knows the file address.
So basically, I'm looking for a way to protect files from direct browser access or download, but still be able to show it on the application's iFrame.
I made some research with Rewrite rules, but since the "HTTP_REFERER" of an iFrame is empty, I couldn't find a good solution
Any suggestions for this?
Thanks in advance
Without seeing any of your code, or how your application works, I can only give suggestions based on how I think your app works.
Rather than showing the files themselves, with links directly to those files, you should consider changing your application so that the PHP reads in the directory, displays the file names (however you want them to appear), with links that go to a download.php page. The download page (after checking whether the user has permission to download the file) then loads the file into memory and serves it out as a response (with appropriate Content-Disposition and Content-Type headers).
Since your PHP application can read files directly within the web directory, you can set up rewrite rules to prevent accessing those files from the web; that way, the files can only be accessed by the PHP application, which doesn't rely on rewrite rules to access the drive.
This is how places like Source Forge can display an advertisement with a countdown that your file download will begin in 5 seconds.