Recent Posts
11
Web Server - Ask For Help / Re: Issues displaying NetTalk camera images in a Windows application.
« Last post by JohanR on November 15, 2024, 06:41:09 AM »Hi Jari
Some suggestions , sure there are other ways too.
Seeing as you have it in a stringtheory object already, no reason to move to local text field, use the ST methods
Also possibly search for something a bit more specific eg. data:image/png;base64,
I don't have enough knowledge of image formats ,encoding and you should be searching for,
but you might encounter a different image, with a different starting string, or a random comma, but it's not valid for what you need.
You can then expand on the search string, to other possibilities, if required
tmp_st.fromblob(ALI:Photo)
pos# = tmp_st.FindChars('data:image/png;base64,')
if pos# = 0
message('not found')
else
if pos# = 1
tmp_st.RemoveFromPosition(pos#,22)
tmp_st.Base64Decode()
loc:filename = 'c:\tmp\' & random(11111,99999) & '.png'
tmp_st.savefile(loc:filename)
tmp_st.toblob(ALI:Photo)
message('done and saved to:' & loc:filename)
else
message('possible other issue')
end
end
12
Web Server - Ask For Help / Re: Issues displaying NetTalk camera images in a Windows application.
« Last post by jari@softmade.fi on November 14, 2024, 10:26:44 PM » Thank you, Bruce and other gurus.
I did it like this using FreeImage and StringTheory.
loc:text CSTRING(600000)
Access:Liitteet.Fetch(Liit:Ind_haku)
i#= kuva.iImage.Load(Liit:blob)
if i#=0
st.fromblob(Liit:blob)
l#=st.instring(',')
loc:text=st.getvalue()
loc:text= sub(loc:text,l#+1, st.len())
st.setvalue(loc:text)
st.Base64Decode()
st.toblob(Liit:blob)
i#= kuva.iImage.Load(Liit:blob)
end
I did it like this using FreeImage and StringTheory.
loc:text CSTRING(600000)
Access:Liitteet.Fetch(Liit:Ind_haku)
i#= kuva.iImage.Load(Liit:blob)
if i#=0
st.fromblob(Liit:blob)
l#=st.instring(',')
loc:text=st.getvalue()
loc:text= sub(loc:text,l#+1, st.len())
st.setvalue(loc:text)
st.Base64Decode()
st.toblob(Liit:blob)
i#= kuva.iImage.Load(Liit:blob)
end
13
Web Server - Ask For Help / Re: Google picking up documents from web folder
« Last post by Bruce on November 14, 2024, 04:58:14 PM »>> Thank you, it is files which the users upload as supporting documents which we are storing in a documents sub-folder contained in the web folder.
>> When I try to browse those files, I am not able to. Thus a malicious user would need to know the full file-name of the file to get to it? Or is there another way?
They would need to know, or deduce, the name. Or guess. Unless your names are generated randomly it's probably easy to guess a name or two, especially given that the server allows for an unlimited number of guesses. Treating the name as a secret, and then broadcasting that secret to all legitimate users in some form or another, does not make it a terribly good secret.
>> I maybe wrong, but would imagine that Google indexed the file whilst it was being opened / viewed by a user in Chrome.
I very much doubt that they got it that way. I suspect they got it by crawling your site. Either way though, you've shown that it's not a terribly well-kept secret.
>> Is there a way to project files in the web folder?
not by default, no.
>> Or if the web folder is always publicly accessible, should I put the files outside the web folder, and change my user-procedure that it opens from local disk and not via URL?
Opening from local disk is not an option. HTTP pages have a "single source" policy - in other words web pages cannot link to pages to the disk.
However, since the files belong to a user, and should only be available to that user, it's pretty easy to limit access to the file to that user. For example, just moving it to the \web\loggedin folder would require the user to be logged in to access the file. You can also serve the document from *outside* the web folder - and thus implementing further checks on who owns the file, and so on.
>> When I try to browse those files, I am not able to. Thus a malicious user would need to know the full file-name of the file to get to it? Or is there another way?
They would need to know, or deduce, the name. Or guess. Unless your names are generated randomly it's probably easy to guess a name or two, especially given that the server allows for an unlimited number of guesses. Treating the name as a secret, and then broadcasting that secret to all legitimate users in some form or another, does not make it a terribly good secret.
>> I maybe wrong, but would imagine that Google indexed the file whilst it was being opened / viewed by a user in Chrome.
I very much doubt that they got it that way. I suspect they got it by crawling your site. Either way though, you've shown that it's not a terribly well-kept secret.
>> Is there a way to project files in the web folder?
not by default, no.
>> Or if the web folder is always publicly accessible, should I put the files outside the web folder, and change my user-procedure that it opens from local disk and not via URL?
Opening from local disk is not an option. HTTP pages have a "single source" policy - in other words web pages cannot link to pages to the disk.
However, since the files belong to a user, and should only be available to that user, it's pretty easy to limit access to the file to that user. For example, just moving it to the \web\loggedin folder would require the user to be logged in to access the file. You can also serve the document from *outside* the web folder - and thus implementing further checks on who owns the file, and so on.
14
Web Server - Ask For Help / Re: NTWS Page embedded on an external website in an Iframe being called recursively
« Last post by Bruce on November 14, 2024, 04:50:41 PM »enable cookies on your iframe
15
Web Server - Ask For Help / Re: Issues displaying NetTalk camera images in a Windows application.
« Last post by Bruce on November 14, 2024, 04:50:15 PM »>> below first few chars from the file that was saved with this code in the desktop program.
>> data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAoAAAAHgCAYAAAA10dzkAAAAAX
Images can be stored in blobs in multiple ways. This format is used in the web when the images are delived "inline" rather than in a separate request. To convert to binary;
a) remove the text at the start up to, and including the ,
b) base 64 decode it.
As you can see the header shows both the format of the image (png) and the base64 encoding. Should you wish, you can parse out that header to better choose the file name, and note the base64 decoding.
Cheers
Bruce
>> data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAoAAAAHgCAYAAAA10dzkAAAAAX
Images can be stored in blobs in multiple ways. This format is used in the web when the images are delived "inline" rather than in a separate request. To convert to binary;
a) remove the text at the start up to, and including the ,
b) base 64 decode it.
As you can see the header shows both the format of the image (png) and the base64 encoding. Should you wish, you can parse out that header to better choose the file name, and note the base64 decoding.
Cheers
Bruce
16
E-Mail - Ask For Help / Probleme connect to a special SMTP Server
« Last post by tglomb on November 14, 2024, 12:04:00 PM »Hello,
I must send Emails to a non-public SMTP Server.
First question: what is the max bytes possible for an attachement ?
My code works with public Email Server. It is similar to the NT example ;-)
The specific problem with this special SMTP Server is with the Username, it is a complex string. Here a part of the Log:
>> AUTH LOGIN
<< 334 VXNlcm5hbWU6
>> c..........................up to 100 characters...................................................................p
L.............................................up to 80 chars................................................4=
<< 501 5.5.4 (Invalid command arguments)
Inbetween the p and the L here is a CrLf. This is not in the Entry (or string variable) ! So it is added - maybe- by the SendMail() method of the NetWebClient class in the encryption (base64) process I guess. So error 501 is correct because this user is not existent at this Server.
How can I avoid the internal (?) similar to the StringTheory method Base64Encode parameter NoWrap ?
Any hints are appreciated.
TIA, Thomas
Clarion 10.12799, NT 8 and 11
ps the username has the following syntax. It is really to use as the Username in this case:
a_name@webname.abc.something#anothername.anything1.anything2.anything3:465#anything4#any5#any6#any7
I must send Emails to a non-public SMTP Server.
First question: what is the max bytes possible for an attachement ?
My code works with public Email Server. It is similar to the NT example ;-)
The specific problem with this special SMTP Server is with the Username, it is a complex string. Here a part of the Log:
>> AUTH LOGIN
<< 334 VXNlcm5hbWU6
>> c..........................up to 100 characters...................................................................p
L.............................................up to 80 chars................................................4=
<< 501 5.5.4 (Invalid command arguments)
Inbetween the p and the L here is a CrLf. This is not in the Entry (or string variable) ! So it is added - maybe- by the SendMail() method of the NetWebClient class in the encryption (base64) process I guess. So error 501 is correct because this user is not existent at this Server.
How can I avoid the internal (?) similar to the StringTheory method Base64Encode parameter NoWrap ?
Any hints are appreciated.
TIA, Thomas
Clarion 10.12799, NT 8 and 11
ps the username has the following syntax. It is really to use as the Username in this case:
a_name@webname.abc.something#anothername.anything1.anything2.anything3:465#anything4#any5#any6#any7
17
Web Server - Ask For Help / Re: NTWS Page embedded on an external website in an Iframe being called recursively
« Last post by JohanR on November 12, 2024, 08:52:46 PM »Hi,
Have managed this, however am running into all sorts of other issues when the 2 sites are exchanging information.
Will report back if I make any progress and if the added complication justifies the end result.
cheers,
Johan
Have managed this, however am running into all sorts of other issues when the 2 sites are exchanging information.
Will report back if I make any progress and if the added complication justifies the end result.
cheers,
Johan
18
Web Server - Ask For Help / Re: Google picking up documents from web folder
« Last post by rupertvz on November 11, 2024, 11:43:26 PM »Hi Bruce,
Thank you, it is files which the users upload as supporting documents which we are storing in a documents sub-folder contained in the web folder.
When I try to browse those files, I am not able to. Thus a malicious user would need to know the full file-name of the file to get to it? Or is there another way?
I maybe wrong, but would imagine that Google indexed the file whilst it was being opened / viewed by a user in Chrome.
Is there a way to project files in the web folder?
Or if the web folder is always publicly accessible, should I put the files outside the web folder, and change my user-procedure that it opens from local disk and not via URL?
Thank you, it is files which the users upload as supporting documents which we are storing in a documents sub-folder contained in the web folder.
When I try to browse those files, I am not able to. Thus a malicious user would need to know the full file-name of the file to get to it? Or is there another way?
I maybe wrong, but would imagine that Google indexed the file whilst it was being opened / viewed by a user in Chrome.
Is there a way to project files in the web folder?
Or if the web folder is always publicly accessible, should I put the files outside the web folder, and change my user-procedure that it opens from local disk and not via URL?
19
Web Server - Ask For Help / Re: Issues displaying NetTalk camera images in a Windows application.
« Last post by JohanR on November 11, 2024, 11:38:07 PM »Hi Bruce
Sorry ,
The loading of the file into a ST object was to try the ST decode,
but I had some issues with saving the file into usbale format.
will check again later and and try to figure out why
Johan
Sorry ,
The loading of the file into a ST object was to try the ST decode,
but I had some issues with saving the file into usbale format.
will check again later and and try to figure out why
Johan
20
Web Server - Ask For Help / Re: Issues displaying NetTalk camera images in a Windows application.
« Last post by JohanR on November 11, 2024, 11:34:45 PM »Hi Bruce
Yes,
below first few chars from the file that was saved with this code in the desktop program.
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAoAAAAHgCAYAAAA10dzkAAAAAX
Code in desktop program
loc:filename = 'c:\tmp\' & random(11111,99999) & '.jpg'
IF BLOBTOFILE(ALI:Photo,loc:filename) !returns an ERRORCODE if copy fails
MESSAGE('BLOB did not copy due to the following ERRORCODE: ' & ERRORCODE())
else
tmp_st.loadfile(loc:filename)
message('saved:')
END
Copying that to decoding website produces an image file.
Think it needs a few more lines of code to sort it out to display on screen
regards
Johan
I
Yes,
below first few chars from the file that was saved with this code in the desktop program.
data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAoAAAAHgCAYAAAA10dzkAAAAAX
Code in desktop program
loc:filename = 'c:\tmp\' & random(11111,99999) & '.jpg'
IF BLOBTOFILE(ALI:Photo,loc:filename) !returns an ERRORCODE if copy fails
MESSAGE('BLOB did not copy due to the following ERRORCODE: ' & ERRORCODE())
else
tmp_st.loadfile(loc:filename)
message('saved:')
END
Copying that to decoding website produces an image file.
Think it needs a few more lines of code to sort it out to display on screen
regards
Johan
I