After all that I've read on this topic, I know that there is no way to do automated file upload from a browser without some kind of "elevated permissions".

But elevated permissions are something that I have, because the application runs on an intranet and the user currently enables access to an ActiveX control that makes it possible to do some document scanning using COM. Then a scanned document saved on the file system needs to be uploaded.

Now, the only browser requirement is IE7+ compatibility. But with IE8, the only way to set the value of <input type="file" ... /> is manually clicking the "browse" button.

Is there really no way to set the value of the input form field, even if the site is added to trusted sites and full access for ActiveX code is enabled?

The same seems to apply to Flash and Silverlight, security policy makes it impossible to upload file without user manually selecting it. Silverlight probably could do it in OOB mode, but that is way too interruptive if a user has to click to enable out of browser mode every time.

ActiveX and Java applet could probably do it. If using <input type="file" ... /> is not an option, is there any lightweight (possibly free/open-source) ActiveX control that would handle uploading from file system?

+1  A: 

You're correct that RIAs like Flash, Silverlight, and Java won't allow this for security reasons, and that a Silverlight OOB trusted app would technically work, but doesn't sound ideal.

Since you're basically looking for a component that will poke a hole in the web security model, I doubt you'll find many good off-the-shelf components for this (and if you do, I'd be suspicious of them from a security point of view).

I'd suggest writing your own ActiveX control for this, but be sure to think through the security implications. For example, you'd probably want to make sure this control can only be used by trusted websites on your company's network -- this is sometimes called "site locking".

Here's a good page on writing secure ActiveX controls: http://msdn.microsoft.com/en-us/library/bb250471(VS.85).aspx

Jesse Collins
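
The host check at the core of the "site locking" mentioned in the answer above, as an added example that is not part of the original answer or of any vendor component. `SiteRule`, the function names and the hostnames are hypothetical; a real control would obtain the hosting page's URL from its container and refuse to perform file access when this check fails.

```cpp
#include <algorithm>
#include <cctype>
#include <string>
#include <vector>

// Hypothetical allowlist entry (constructed for this example).
struct SiteRule {
    std::string scheme;     // required scheme, e.g. "https"
    std::string host;       // exact host, or parent domain if allow_subdomains
    bool allow_subdomains;
};

static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

// Extract scheme and host from "scheme://host[:port]/..."; fail closed on anything odd.
static bool split_url(const std::string& url, std::string& scheme, std::string& host) {
    const auto sep = url.find("://");
    if (sep == std::string::npos || sep == 0) return false;
    scheme = lower(url.substr(0, sep));
    std::string auth = url.substr(sep + 3);
    auth = auth.substr(0, auth.find_first_of("/\\?#"));      // authority part only
    if (auth.find('@') != std::string::npos) return false;   // no userinfo ("trusted@other-host")
    auth = auth.substr(0, auth.find(':'));                   // drop port
    if (auth.empty()) return false;
    for (unsigned char c : auth)
        if (!std::isalnum(c) && c != '-' && c != '.') return false;
    host = lower(auth);
    return true;
}

// True only if the hosting page's URL matches a rule on scheme AND host.
bool is_site_allowed(const std::string& url, const std::vector<SiteRule>& rules) {
    std::string scheme, host;
    if (!split_url(url, scheme, host)) return false;
    for (const auto& r : rules) {
        if (scheme != r.scheme) continue;
        if (host == r.host) return true;
        // Subdomain match must land on a label boundary: compare against ".domain".
        const std::string suffix = "." + r.host;
        if (r.allow_subdomains && host.size() > suffix.size() &&
            host.compare(host.size() - suffix.size(), suffix.size(), suffix) == 0)
            return true;
    }
    return false;
}
```

A plain substring or unanchored suffix comparison would accept hosts such as `scan.intranet.example.evil.test` or `evilcorp.example`; the label-boundary comparison and the userinfo rejection are what keep the lock meaningful.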