Im building an AIR application using the HTML/JS SDK.
I can include scripts and stylesheets as long as they are in the same folder as my website, but no remote content fetched from the Internet can be included ! No remote scripts, neither from jquery nor from google... I put <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> and nothing happens ! It is the case for every file, not only this one.
Have you ever run into this issue ? In the AIR documentation they seem to present us with big mashups and remote inclusions all the time, still it won't work for me !
You can definitely do this in AIR, but you need to work around the security restrictions as by default you can't do this from the first frame that is loaded. Thankfully it's not too hard.
You need to create an iframe in your main html page (e.g. index.html) and load all of your content into this. Your main html page then acts as a controller of sorts allowing you to call methods which require enhanced security permissions (file system etc..), while any code loaded into the iframe is allowed to load external media and scripts and also allowed to use JavaScript eval and other methods which are otherwise blocked in the main frame of the application.
You can read about it here http://help.adobe.com/en_US/AIR/1.5/devappshtml/WS5b3ccc516d4fbf351e63e3d118666ade46-7f08.html#WS5b3ccc516d4fbf351e63e3d118666ade46-7f07
Read the full page so you understand the concept, but pay particular attention to the sandboxRoot and documentRoot attributes when you are setting up the iframe.
Related
With Ruby on Rails I can run rails s -p 3000 and preview my site at localhost:3000.
With React I can run npm start and view the site at localhost:8080.
What if I just have html and CSS files, how do I preview that?
On OSX, you can run a simple web server from any directory using this command:
python -m SimpleHTTPServer 8000
Then, you can hit the directory in your browser by going to http://localhost:8000/path/to/file.html
You can try click 2 times in index.html to open the file in browser.
Every time you update the code in sublime text, you need to reload the browser and the updates will be aplied.
This usually depends on your device/OS and what your eventual goals are, but usually you can either use (online) software that renders the HTML and the CSS for you (such as Brackets.io, etc.) whilst you are typing it (to live preview any modifications/additions), or you can put the documents live using a local webserver such as Xampp or OSXs built in simple web server, and check their respective localhost locations every time you save changes using your code editor.
You could also simply use online applications like Codepen, which can also render HTML and CSS, and even JavaScript. Codepen just today launched Codepen Projects which allows you to create entire website projects at their website. It is however, a pro (paid) feature.
Here's a short overview of code playgrounds that offer the functionality you requested (by no means an exhaustive list):
JSFiddle
CSSDeck
CodePen
JSBin
And ofcourse you can insert Snippets here on StackOverflow, which is also able to render HTML and CSS (and JS).
If you really only use HTML and CSS, previewing in a browser is also possible, opening the .html file by double clicking and opening in Internet Explorer, Chrome, etc.
At present, I start up red5 in linux command line ./red5.sh and it runs the script. Then I go to http://localhost:5080 demos page to set up my camera and audio input and all works fine in testing the stream both on demo page and in swf of my webpage.
Question is, do I need to include some java and/or action script for the swf player to
bypass the red5 demo page so I can directly connect my input and stream in the code of the page? Also so only logged in webpage viewers can connect?
Overall wondering if there is a way of hiding the server stream from anyone not logged in to view it on my site? I understand in webapps folder somewhere there is the hosts list of IP but it would be impossible to know the IP of the viewers as opposed to unwanted viewers or bandwidth stealers.
I am trying to set up a site for poetry readings and make it so readers can record live to my server and then logged in viewers can view from my website. I am trying to figure out whether I must have that red5 page open and if that doesn't pose some kind of risk.
Found my own way of doing this just by removing and renaming files and folders.
If you go to usr/local/red5/webapps here lies all the directories for viewing when you go to default port 5080 so I simply installed the applications I needed and then took everything out of there except those applications I wanted and needed to run. I took out all and placed it in a folder in /var directory named it red5_movedstuff in case I want access to further applications later on.Then I renamed the applications I am using in webapps folder and kept admin folder to access them but I renamed my applications and had to importantly rename also in WEB-INF for each application name change.
Now if someone goes to myip:5080 they get a blank page and by changing names of applications I've hidden my directories beyond that including list of streams.
Folks:
I'm creating an app using Node Webkit. The purpose of this app is to display images and pdfs. The app needs to download those files from a central repository, and cache them locally. When the app runs offline, the files should still be available, and displayed.
On the face of it, this sounds like appcache is the answer - and that indeed is where I was heading when this was a pure webapp in a browser. However, now I've discovered node-webkit, and here we are.
node-webkit's GitHub wiki states:
"However, application cache is designed for browser use, for apps using node-webkit, it's less useful than the other two method, read HTML5 Application Cache if you want to use it."
But doesn't say why.
I've also researched node.js filesystem - but that seems like a whole magnitude of complexity above what I need.
Can anyone point me in a sensible direction?
Thanks.
It has to do with the nature of App Cache itself.
You specify a manifest file that lists all the static assets required for your app to run offline. You don't have any programmatic access to the cache to add and remove files via JS.
So for a node-webkit app, it'd make more sense to fetch these files and store them in the Application Support folder (Or AppData, depending on the platform). That's where the node.js part is really useful, the file IO stuff.
When a user downloads a plugin firefox (for example) the plugin installation begins as soon as the download has completed.
Is it possible to achieve the same thing in safari? i.e. user clicks link to download plugin, once it has downloaded it automatically begins the installation.
I don't think this is possible to do on any other domain except extensions.apple.com.
I've done some extensive testing on this and the safari.installExtension() method is only present if the domain matches extensions.apple.com (probably controlled by the browser, similar to how certain Chrome APIs only shows up inside of extensions themselves).
I tested this theory by going to the JS file itself and opening the JS console:
https://extensions.apple.com/home/scripts/extensionInstall.js
After that JS file has loaded, type typeof(safari.installExtension) in the JS console and it should return "function". Notice that it exists on a non-HTML page, meaning it's being provided by the browser (since this script doesn't execute, nor has the code in it to provide this method).
I tried doing this on other sites and it doesn't exist: "undefined".
I also had a crazy thought that it just needs extensions as the subdomain, so I tested it on http://extensions.joomla.org too, no dice. I can't seem to find an extensions sub-domain that's SSL though. That may work, but I seriously doubt it as the method appears to be regulated to only show up when on Apple's specific extensions sub-domain.
No solution for that here, but maybe this can help?
In apple extension gallery at https://extensions.apple.com the extensions do install in one click, and i wanted to achieve the same in a website of mine, so i went and checked their JS source code.
A javascript file there defines a "ExtensionOneClick" Object (https://extensions.apple.com/home/scripts/extensions.js).
A method is dedicated to installing extensions:
// href : path to the extension ".safariextz" file
// id : com.whatever.myextension-<safaridevelopper10charsid>
safari.installExtension(id, href);
I tried to replicate this on my website, but i get "safari is undefined", so I guess a site specific hack in Safari is helping here?
I have a PHP application running on a Micrisoft IIS 7 server. The application shows PDF files on an iFrame, which contains user's sensitive data that I wouldn't like to be directly accessed by anyone that knows the file address.
So basically, I'm looking for a way to protect files from direct browser access or download, but still be able to show it on the application's iFrame.
I made some research with Rewrite rules, but since the "HTTP_REFERER" of an iFrame is empty, I couldn't find a good solution
Any suggestions for this?
Thanks in advance
Without seeing any of your code, or how your application works, I can only give suggestions based on how I think your app works.
Rather than showing the files themselves, with links directly to those files, you should consider changing your application so that the PHP reads in the directory, displays the file names (however you want them to appear), with links that go to a download.php page. The download page (after checking whether the user has permission to download the file) then loads the file into memory and serves it out as a response (with appropriate Content-Disposition and Content-Type headers).
Since your PHP application can read files directly within the web directory, you can set up rewrite rules to prevent accessing those files from the web; that way, the files can only be accessed by the PHP application, which doesn't rely on rewrite rules to access the drive.
This is how places like Source Forge can display an advertisement with a countdown that your file download will begin in 5 seconds.