kiwix/kiwix-js
1
0
Fork 0
mirror of https://github.com/kiwix/kiwix-js.git synced 2025-09-23 12:36:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #535 from kiwix/document-and-detect-CORS-on-local-files

Browse Source 
Document and detect CORS issues with file:// protocol.
This commit is contained in:
Mossroy 2019-07-15 22:37:17 +02:00 committed by GitHub
commit bcc95c4c50
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
tests.html
View File

@ -39,7 +39,8 @@
</head>
<body>
<b>NOTE:</b> These unit tests can be run with Firefox or Edge. Chrome by default does not allow access to local filesystem files used in testing. So to run tests on Chrome\Chromium launch a new browser instance (without any already open) with the --allow-file-access-from-files argument. Or start a local webserver and access this file through localhost.
<b>NOTE:</b> Firefox and Chrome do not allow access to some local filesystem files used in testing. So, if you're opening this through a file:// URL, you should instead go through a web server : either through a local one (http://localhost/...) or through a remote one (but you need SSL : https://webserver/...).<br/>
Another option is to force your browser to accept that (but you'll open a security breach) : on Chrome, you can start it with --allow-file-access-from-files command-line argument; on Firefox, you can set privacy.file_unique_origin to false in about:config
<div id="qunit"></div>
<div id="qunit-fixture"></div>
</body>

11
www/js/app.js
View File

@ -1050,8 +1050,17 @@ define(['jquery', 'zimArchiveLoader', 'util', 'uiUtil', 'cookies','abstractFiles
$('#articleListWithHeader').hide();
$("#prefix").val("");
var iframeContentDocument = iframeArticleContent.contentDocument;
if (!iframeContentDocument && window.location.protocol === 'file:') {
alert("You seem to be opening kiwix-js with the file:// protocol, which is blocked by your browser for security reasons."
+ "\nThe easiest way to run it is to download and run it as a browser extension (from the vendor store)."
+ "\nElse you can open it through a web server : either through a local one (http://localhost/...) or through a remote one (but you need SSL : https://webserver/...)"
+ "\nAnother option is to force your browser to accept that (but you'll open a security breach) : on Chrome, you can start it with --allow-file-access-from-files command-line argument; on Firefox, you can set privacy.file_unique_origin to false in about:config");
return;
}
// Inject the new article's HTML into the iframe
var articleContent = iframeArticleContent.contentDocument.documentElement;
var articleContent = iframeContentDocument.documentElement;
articleContent.innerHTML = htmlArticle;
var docBody = articleContent.getElementsByTagName('body');