The protections Howard refers to are part of the Same Origin Policy.
You could do this with an Applet, any signed applet would have access
to the local disk unless explicitly denied by the Java security
policy or if privileges are not granted by the user. See http://
keepitlocked.net/archive/2007/10/10/a-brief-history-of-applet-
security.aspx for more info on Applet security.
Personally, I'm with Howard. Bandwidth is cheap. Upload the files
and compress them server side.
-dhs
Dean H. Saxe, CISSP, CEH
[EMAIL PROTECTED]
"I have always strenuously supported the right of every man to his
own opinion, however different that opinion might be to mine. He who
denies another this right makes a slave of himself to his present
opinion, because he precludes himself the right of changing it."
-- Thomas Paine, 1783
On Oct 12, 2007, at 7:27 AM, Howard Fore wrote:
On 10/12/07, Mr Modz <[EMAIL PROTECTED]> wrote:
Is it possible to write a web app in such a way that you could
compress a file into a zip or a tar file for the user before
uploading it? I'm looking to find a way to use coldfusion or flash
to allow a user to select a group of files to be uploaded. After
they select the files, I would want to compress them into a single
zip file and then upload them. Then once the file transfer is
complete, uncompress them and store them. I wouldn't care if it
was windows specific and I was thinking it would work if I could
some how invoke the built in windows zip compression functions
before the upload. Does this sound possible with coldfusion?
Not if by "with coldfusion" you mean for CF to do the compression.
In the scenario you describe, ColdFusion won't play a part until
the file is actually uploaded (onto the ColdFusion server). The
compression part would have to take place in the web browser, which
is a place ColdFusion can't touch. In theory you could do this with
Javascript running in the web page. However, you're likely to run
afoul of Javascript security policies. There are several policies
in place to prevent malicious scripts from grabbing local files
(your cookies, your Windows patch level, etc) and sending them to
remote locations where evildoers could do evil with them. Firefox/
Netscape/Mozilla does have a signed script path but that sounds
onerous to me and it's not guaranteed to work with IE. And then
there's the more practical matter of finding a compression engine
that is written in Javascript.
Why not simply upload the file, compress it, then discard the
uncompressed version?
--
Howard Fore, [EMAIL PROTECTED]
"Whether you believe you can do a thing or not, you are right." --
Henry Ford
-------------------------------------------------------------
Annual Sponsor - Figleaf Software
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by FusionLink
-------------------------------------------------------------
-------------------------------------------------------------
Annual Sponsor FigLeaf Software - http://www.figleaf.com
To unsubscribe from this list, manage your profile @
http://www.acfug.org?fa=login.edituserform
For more info, see http://www.acfug.org/mailinglists
Archive @ http://www.mail-archive.com/discussion%40acfug.org/
List hosted by http://www.fusionlink.com
-------------------------------------------------------------
