0

You can access to you local system via browser by simply using file:/// as address.

I have being trying to access local system drives via file:/// in HTML via anchor tag...like this..

<a href="file:///">Home</a>

I get Not allowed to load local resource: file:/// this error in console...Is there any way possible to access the drives in this way...

Moid
  • 1,447
  • 1
  • 13
  • 24

1 Answers1

2

No, this is by design and security and is not allowed. This is crossdomain related.

Some browsers like Google Chrome allow you tu disable this using the runtime commands, see here for more information:
https://stackoverflow.com/a/6075747/753676
https://stackoverflow.com/a/12523274/753676
https://stackoverflow.com/a/4752452/753676

You can disable this security feature in Chrome and other browsers with
chrome.exe --allow-file-access-from-files or chrome --disable-web-security

(depends on platform)

Community
  • 1
  • 1
  • However, why would you ever want some random website to be able to access files on your computer – Adjit Mar 06 '15 at 21:22
  • Just curiosity...wouldn't it be cool to access your system and drives super fast... All actions (but restricted to only some) are performed at a blazing speed...opening a .pdf file or a video..etc.. – Moid Mar 06 '15 at 21:24
  • right, this is insecure and should not be done. Some browsers like Firefox allowed local files and also some AJAX calls worked locally but not in Chrome and other webkit/blink-based browsers. If you need a local website with access to local files, there are solutions like Java (not JavaScript) and embedded servers. –  Mar 06 '15 at 21:25
  • @MoidMohd this is not possible by default for security reasons –  Mar 06 '15 at 21:26
  • This is due to browser security features...? – Moid Mar 06 '15 at 21:27
  • if you want to access the files you have to use some programming language like Java or C or a local embedded server eg running in a JAR-file or as an app. But this is not possible in normal browsers by default. Just when you disable some security features like described in the two links. –  Mar 06 '15 at 21:28
  • @MoidMohd yes, crossdomain does not allow http:// and file:// protocols as these are two totally different protocols and the security features forbid this. Local AJAX-calls would also fail. –  Mar 06 '15 at 21:29
  • 1
    Once upon a time, such access was allowed and it was soon abused by the malicious who overwrote critical system files to display ads, open popups, and otherwise wreak havoc. Thus, it's no longer allowed. To access native resource, use native apps. – Lance Leonard Mar 06 '15 at 22:01