5

Im fetching a local xml file using jQuery ajax through an html that i download from my site.

The problem is that each and every time the file gets downloaded, the user must right click on it -> properties -> unblock. Otherwise jquery ajax throws a "permission denied" error.

Is there any way to mark the file as trusted or something similar? Should i implement something on the serverside when downloading the file? Or add something on the client side in the saved html file? Thanks in advance.

Johan
  • 35,120
  • 54
  • 178
  • 293
  • 3
    Use a browser that is not Internet Explorer – erikkallen May 10 '12 at 14:07
  • @erikkallen The problem is that my clients only use IE – Johan May 10 '12 at 14:08
  • 1
    Talk to the clients' IT department about getting permissions set up for your XML file through AJAX. Probably this is restricted in the browser settings on purpose, and needs to be unlocked in the browser preferences. – Blazemonger May 10 '12 at 14:11
  • 1
    @Blazemonger The problem is located in the file itself, not the browser settings. Downloaded html files seems to get "blocked" as default in xp. – Johan May 10 '12 at 14:14

3 Answers3

6

The NTFS file system attache to this file a flag as unsafe. You can use one utility from Sysinternals called Streams to remove this flag. You can download the Streams from:

http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx

Then using the Process class you can run the streams -d <file.xml> command to remove this flag, after you have get the file. How to run it:

Process runcommd = new Process();

runcommd.StartInfo.FileName = "streams";
runcommd.StartInfo.Arguments = " -d \"fullpath\\file.xml\"";

runcommd.StartInfo.UseShellExecute = false;
runcommd.StartInfo.CreateNoWindow = false;

runcommd.StartInfo.RedirectStandardError = true;
runcommd.StartInfo.RedirectStandardOutput = true;
runcommd.StartInfo.RedirectStandardInput = true;

// now run it
runcommd.Start();

// be sure that we end
runcommd.StandardInput.Flush();
runcommd.StandardInput.Close();

The Streams are from MS site, so its official and credible source, and its just a utility that remove this flag from the file. I think that you can do your job.

Related: https://superuser.com/questions/38476/this-file-came-from-another-computer-how-can-i-unblock-all-the-files-in-a

http://www.k9ivb.net/files/This%20file%20came%20from%20another%20computer%20and%20might%20be%20blocked.pdf

Community
  • 1
  • 1
Aristos
  • 66,005
  • 16
  • 114
  • 150
  • Ok, but when i double-click on streams.exe, a black cmd windows pop ups and closes the same second. How would i install this on my IIS / include it in my project? – Johan May 14 '12 at 13:33
  • @johan I have include you a process that is not open anything. By the way, to run the streams interactive you need to open a command window and then you see it with our close it. (run `cmd` on the run menu). The code I have include, runs transparent from your asp.net page. Of cource you can make a simple .bat file to do the same. – Aristos May 14 '12 at 13:35
  • Thank you for your time Aristos, I'll accept this answer. Cant seem to award the bounty yet though – Johan May 14 '12 at 13:54
  • Please post a comment if i forget to give you the points. Never done it before – Johan May 14 '12 at 13:56
  • Yea i know, but its ~23 hours left before i can click it :) – Johan May 14 '12 at 14:00
  • @Johan ok :) more people see it then and maybe you have more feedback. – Aristos May 14 '12 at 14:01
1

@Aristos is spot-on on the alternate file stream issue, however this can be done without the use of an external EXE (streams.exe). For anyone else looking at this later on you can run the following command to empty the alternate file stream (AFS):

echo. > my_blocked_file.zip:Zone.Identifier

Assuming the file name of my_blocked_file.zip this will empty the content of the AFS. Also, you can issue dir /r to list AFS's and notepad my_blocked_file.zip:Zone.Identifier to actually edit the them.

This is what an Internet Zone Identifier looks like:

[ZoneTransfer] 
ZoneId=3

Additional reading on these streams: http://msdn.microsoft.com/en-us/library/ff469212(v=prot.10)

and the respective security zones are:

  • Intranet: ZoneId=1
  • Trusted Site: ZoneId=2
  • Internet: ZoneId=3
  • Restricted Site: ZoneId=4

Also, IE only seems to read the AFS when you open/close the session so you couldn't change a stream and then just refresh, you'd need to create a new IE instance to re-read the new AFS.

Jeff
  • 846
  • 8
  • 13
  • This command of `echo.` that you direct write on the file is working, the `dir /r` and the notepad is not working on my system. +1 becaue I think is an alternative, but still you need to run a dos command. – Aristos May 16 '12 at 07:01
  • Ah yes I see dir /r was introduced with Vista so there may be other limitations as well. I just happened to have run into this problem last week and I like streams for batch removal. – Jeff May 16 '12 at 10:05
0

Give this a try. Open up regedit, and look for the following key/value:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation

Set this value to 1 and see if the problem persists. Might have to log out and back in to be sure, as its an HKCU value. You still might get this message once more, but if you unblock it again with this value in place, it might prevent it from happening again.

David W
  • 10,062
  • 34
  • 60
  • Sorry for not mentioning it, but my clients cant edit regedit and similar stuff on their computers. They are not logged in as administrators – Johan May 14 '12 at 11:48
  • Unless your domain admins have implemented a GPO to that effect, you don't necessarily have to be an administrator to run RegEdit. – David W May 14 '12 at 18:27