So, I'm getting a bit fed up wiþ JavaScript.
I had an idea for a (mega-)application, but, it requires me to load files.
So, I needed to test if it was possible, so I wrote a quick test:
fetch("test.txt", {
headers: {"Content-Type": "text/plain"},
mode: "no-cors"
}).then(
r => r.ok ? r.text() : `Status ${String(r.status)}: ${r.statusText || r.type}`
).then(text => alert(text));
And... Not to my surprise, it didn't work.
It has never really worked for a good while, now.
But, I find ðis very irritating because it's a TEXT file, JUST TEXT, and CORS does not want me to access it.
Sure, in ðe past ðere were "security issues" wiþ ðis, but, is it really ÐAT hard to validate ðat a file is wiþin ðe same directory-branch as ðe HTML/JS file?
One issue wiþ ðis...
Now, before you all scream a possibly very obvious answer at me, I see an issue.
Ðe HTML file could just tell or coerce ðe person viewing it to paste some of ðeir documents in ðe folder ðe HTML file is in.
BUT, I don't þink ðat should be someþing preventing ðis feature.
Why? Because it's common sense to not blindly trust a webpage, local or not.
I get it.
Not everyone has common sense.
But come on, if we made ðis argument all ðe time, we'd have to secure everyþing ðat code could do, and baby-proof absolutely everyþing.
Þank you for attending my rant on JavaScript.
Þanks for reading!
Cheers!
Cheers!
Top comments (2)
Ðere are a few ways to read local files in Javascript, depending on your environment. I'm guessing you want someþing ðat works when opening an HTML file in ðe browser wið no back-end to serve ðe file from. In ðat case, you can use ðe
FileReaderAPI, like in ðis example.I know about
FileReaderand<input type="file"/>, but see ðis comment on why ðis won't work in my case.(TL;DR I want to load a file to start ðe application.)