You need to use the
file:///
protocol (yes, that's three slashes) if you want to link to local files.<a href="file:///C:\Programs\sort.mw">Link 1</a>
<a href="file:///C:\Videos\lecture.mp4">Link 2</a>
These will never open the file in your local applications automatically. That's for security reasons which I'll cover in the last section. If it opens, it will only ever open in the browser. If your browser can display the file, it will, otherwise it will probably ask you if you want to download the file.
Some browsers, like modern versions of Chrome, will even refuse to cross from the http protocol to the file protocol, so you'd better make sure you open this locally using the file protocol if you want to do this stuff at all.
Why does it get stuck without file:///
?
The first part of a URL is the protocol. A protocol is a few letters, then a colon and two slashes.
HTTP://
and FTP://
are valid protocols; C:/
isn't and I'm pretty sure it doesn't even properly resemble one.C:/
also isn't a valid web address. The browser could assume it's meant to be http://c/
with a blank port specified, but that's going to fail.
Your browser may not assume it's referring to a local file. It has little reason to make that assumption because public sites usually don't attempt to link to peoples' local files.
So if you want to access local files: tell it to use the file protocol.
Why three slashes?
Because it's part of the File URI scheme. You have the option of specifying a host after the first two slashes. If you skip specifying a host it will just assume you're referring to a file on your own PC. This means
file:///C:/etc
is a shortcut for file://localhost/C:/etc
.These files will still open in your browser and that is good
Your browser will respond to these files the same way they'd respond to the same file anywhere on the internet. These files will not open in your default file handler (e.g. MS Word or VLC Media Player), and you will not be able to do anything like ask File Explorer to open the file's location.
This is an extremely good thing for your security.
Sites in your browser cannot interact with your operating system very well. If a good site could tell your machine to open lecture.mp4 to in VLC.exe, a malicious site could tell it to open virus.bat in CMD.exe. Or it could just tell your machine to run a few Uninstall.exe files or open File Explorer a million times.
This may not be convenient for you, but HTML and browser security weren't really designed for what you're doing. If you want to be able to open lecture.mp4 in VLC.exe consider writing a desktop application instead.
0 comments:
Post a Comment
Note: only a member of this blog may post a comment.