I know this question is already answered but that's for PHP user. I'm using ASP.NET and this error keep happens. I tried to look for the config in the CKFinderScripts folder but there is no such config (in 2nd version there is but i dont understand why this version is not). I created a config in aspx myself but it still doesn't work.
<%# Control Language="C#" EnableViewState="false" AutoEventWireup="false" Inherits="CKFinder.Settings.ConfigFile" %>
<%# Import Namespace="CKFinder.Settings" %>
<script runat="server">
/**
* This function must check the user session to be sure that he/she is
* authorized to upload and access files using CKFinder.
*/
public override bool CheckAuthentication()
{
// WARNING : DO NOT simply return "true". By doing so, you are allowing
// "anyone" to upload and list the files in your server. You must implement
// some kind of session validation here. Even something very simple as...
//
// return ( Session[ "IsAuthorized" ] != null && (bool)Session[ "IsAuthorized" ] == true );
//
// ... where Session[ "IsAuthorized" ] is set to "true" as soon as the
// user logs on your system.
return true;
}
/**
* All configuration settings must be defined here.
*/
public override void SetConfig()
{
// Paste your license name and key here. If left blank, CKFinder will
// be fully functional, in Demo Mode.
LicenseName = "";
LicenseKey = "";
// The base URL used to reach files in CKFinder through the browser.
BaseUrl = "/ckfinder/userfiles/";
// The phisical directory in the server where the file will end up. If
// blank, CKFinder attempts to resolve BaseUrl.
BaseDir = "";
// Optional: enable extra plugins (remember to copy .dll files first).
Plugins = new string[] {
// "CKFinder.Plugins.FileEditor, CKFinder_FileEditor",
// "CKFinder.Plugins.ImageResize, CKFinder_ImageResize",
// "CKFinder.Plugins.Watermark, CKFinder_Watermark"
};
// Settings for extra plugins.
PluginSettings = new Hashtable();
PluginSettings.Add("ImageResize_smallThumb", "90x90" );
PluginSettings.Add("ImageResize_mediumThumb", "120x120" );
PluginSettings.Add("ImageResize_largeThumb", "180x180" );
// Name of the watermark image in plugins/watermark folder
PluginSettings.Add("Watermark_source", "logo.gif" );
PluginSettings.Add("Watermark_marginRight", "5" );
PluginSettings.Add("Watermark_marginBottom", "5" );
PluginSettings.Add("Watermark_quality", "90" );
PluginSettings.Add("Watermark_transparency", "80" );
// Thumbnail settings.
// "Url" is used to reach the thumbnails with the browser, while "Dir"
// points to the physical location of the thumbnail files in the server.
Thumbnails.Url = BaseUrl + "_thumbs/";
if ( BaseDir != "" ) {
Thumbnails.Dir = BaseDir + "_thumbs/";
}
Thumbnails.Enabled = true;
Thumbnails.DirectAccess = false;
Thumbnails.MaxWidth = 100;
Thumbnails.MaxHeight = 100;
Thumbnails.Quality = 80;
// Set the maximum size of uploaded images. If an uploaded image is
// larger, it gets scaled down proportionally. Set to 0 to disable this
// feature.
Images.MaxWidth = 1600;
Images.MaxHeight = 1200;
Images.Quality = 80;
// Indicates that the file size (MaxSize) for images must be checked only
// after scaling them. Otherwise, it is checked right after uploading.
CheckSizeAfterScaling = true;
// Increases the security on an IIS web server.
// If enabled, CKFinder will disallow creating folders and uploading files whose names contain characters
// that are not safe under an IIS 6.0 web server.
DisallowUnsafeCharacters = true;
// If CheckDoubleExtension is enabled, each part of the file name after a dot is
// checked, not only the last part. In this way, uploading foo.php.rar would be
// denied, because "php" is on the denied extensions list.
// This option is used only if ForceSingleExtension is set to false.
CheckDoubleExtension = true;
// Due to security issues with Apache modules, it is recommended to leave the
// following setting enabled. It can be safely disabled on IIS.
ForceSingleExtension = true;
// For security, HTML is allowed in the first Kb of data for files having the
// following extensions only.
HtmlExtensions = new string[] { "html", "htm", "xml", "js" };
// Folders to not display in CKFinder, no matter their location. No
// paths are accepted, only the folder name.
// The * and ? wildcards are accepted.
// By default folders starting with a dot character are disallowed.
HideFolders = new string[] { ".*", "CVS" };
// Files to not display in CKFinder, no matter their location. No
// paths are accepted, only the file name, including extension.
// The * and ? wildcards are accepted.
HideFiles = new string[] { ".*" };
// Perform additional checks for image files.
SecureImageUploads = true;
// Enables protection in the connector.
// The default CSRF protection mechanism is based on double submit cookies, where
// connector checks if the request contains a valid token that matches the token
// sent in the cookie
//
// https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies
EnableCsrfProtection = true;
// The session variable name that CKFinder must use to retrieve the
// "role" of the current user. The "role" is optional and can be used
// in the "AccessControl" settings (bellow in this file).
RoleSessionVar = "CKFinder_UserRole";
// ACL (Access Control) settings. Used to restrict access or features
// to specific folders.
// Several "AccessControl.Add()" calls can be made, which return a
// single ACL setting object to be configured. All properties settings
// are optional in that object.
// Subfolders inherit their default settings from their parents' definitions.
//
// - The "Role" property accepts the special "*" value, which means
// "everybody".
// - The "ResourceType" attribute accepts the special value "*", which
// means "all resource types".
AccessControl acl = AccessControl.Add();
acl.Role = "*";
acl.ResourceType = "*";
acl.Folder = "/";
acl.FolderView = true;
acl.FolderCreate = true;
acl.FolderRename = true;
acl.FolderDelete = true;
acl.FileView = true;
acl.FileUpload = true;
acl.FileRename = true;
acl.FileDelete = true;
// Resource Type settings.
// A resource type is nothing more than a way to group files under
// different paths, each one having different configuration settings.
// Each resource type name must be unique.
// When loading CKFinder, the "type" querystring parameter can be used
// to display a specific type only. If "type" is omitted in the URL,
// the "DefaultResourceTypes" settings is used (may contain the
// resource type names separated by a comma). If left empty, all types
// are loaded.
// ==============================================================================
// ATTENTION: Flash files with `swf' extension, just like HTML files, can be used
// to execute JavaScript code and to e.g. perform an XSS attack. Grant permission
// to upload `.swf` files only if you understand and can accept this risk.
// ==============================================================================
DefaultResourceTypes = "";
ResourceType type;
type = ResourceType.Add( "Files" );
type.Url = BaseUrl + "files/";
type.Dir = BaseDir == "" ? "" : BaseDir + "files/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "7z", "aiff", "asf", "avi", "bmp", "csv", "doc", "docx", "fla", "flv", "gif", "gz", "gzip", "jpeg", "jpg", "mid", "mov", "mp3", "mp4", "mpc", "mpeg", "mpg", "ods", "odt", "pdf", "png", "ppt", "pptx", "pxd", "qt", "ram", "rar", "rm", "rmi", "rmvb", "rtf", "sdc", "sitd", "swf", "sxc", "sxw", "tar", "tgz", "tif", "tiff", "txt", "vsd", "wav", "wma", "wmv", "xls", "xlsx", "zip" };
type.DeniedExtensions = new string[] { };
type = ResourceType.Add( "Images" );
type.Url = BaseUrl + "images/";
type.Dir = BaseDir == "" ? "" : BaseDir + "images/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "bmp", "gif", "jpeg", "jpg", "png" };
type.DeniedExtensions = new string[] { };
type = ResourceType.Add( "Flash" );
type.Url = BaseUrl + "flash/";
type.Dir = BaseDir == "" ? "" : BaseDir + "flash/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "swf", "flv" };
type.DeniedExtensions = new string[] { };
}
</script>
CKFinder 3 doesn't use config.aspx. It uses web.config. Now, if you are using CKFinder as standalone application then please see: https://docs.ckeditor.com/ckfinder/ckfinder3-net/quickstart.html#quickstart_configuration_authentication. Adding the * in <add key="ckfinderAllowedRole" value="" /> will fix the problem but please note that everyone will have access to your CKFinder then and while this approach may be good for testing, you should create your own authentication mechanism before hitting the production: https://docs.ckeditor.com/ckfinder/ckfinder3-net/howto.html#howto_custom_authenticator
If your CKFinder is integrated into application e.g. you have used basic MVC template together with NuGet packages then it is the application which controls access to its resources and in order to get to CKFinder, you need to log into your application (simple as that). If you have any extra access levels where you can define what user can access or not, this is something, you figure out and configure on your own.
I have a web script in Alfresco that works when I pass in the correct arguments in my HTTP request. I have added validation similar to this snippet (source).
How can I tell Alfresco to stop processing the webscript if I find that my validation steps have failed? (If possible, I would like to do this without an else block.)
// extract folder listing arguments from URI
var verbose = (args.verbose == "true" ? true : false);
var folderpath = url.templateArgs.folderpath;
// search for folder within Alfresco content repository
var folder = roothome.childByNamePath(folderpath);
// validate that folder has been found
if (folder == undefined || !folder.isContainer) {
status.code = 404;
status.message = "Folder " + folderpath + " not found.";
status.redirect = true;
// ********* HOW DO I TELL ALFRESCO TO STOP PROCESSING HERE? ************
}
// perform some business logic with the parameters that passed validation......
// ********* I DO NOT WANT TO COME HERE IF VALIDATION FAILS ************
// construct model for response template to render
model.verbose = verbose;
model.folder = folder;
The trick here is to wrap your code in a function (usually called main by convention). Just call that function and return from that function if you want to stop processing. Like so:
function main() {
// extract folder listing arguments from URI
var verbose = (args.verbose == "true" ? true : false);
var folderpath = url.templateArgs.folderpath;
// search for folder within Alfresco content repository
var folder = roothome.childByNamePath(folderpath);
// validate that folder has been found
if (folder == undefined || !folder.isContainer) {
status.code = 404;
status.message = "Folder " + folderpath + " not found.";
status.redirect = true;
return;
}
// Do stuff with the folder
}
main();
I have a ASP.Net C# 4.0 Web Application
I need to Add a scanning feature for my users.
This is what I want to achieve
On my web application
user clicks on a button
opens a window with preview of document in Scanning device attached to the client system
User confirms the Scan
this will save the Scanned document in jpg/pdf format on the server
then do the OCR on document
Can any one suggest a way to achieve this.
I read about this https://www.leadtools.com/sdk/engine/imaging not sure how much this can work. Can any one suggest a best way to get this done.
Thanks
update
tried leadtools from https://www.leadtools.com/support/forum/posts/m28036-Re--Scan-and-Upload-v16--NET-with-Caspol-exe-deployment as LEAD Support suggested but it is missing references not sure where and how to get those references
HaBo,
This is LEAD support. Since you mentioned our LEADTOOLS toolkit, the answer to your question is yes. Our toolkit can be used to implement either of the 2 approaches mentioned by tgolisch.
For the click-once approach, you simply use our Windows Forms controls that contain Twain support and package your application for ClickOnce deployment. This is done, for example, in this demo project:
LEADTOOLS ClickOnce Demos
For the custom control approach, see the example code projects on our forums that perform Scan and Upload
Solution is here:
In ASP.Net/Core Project you send message to call winform project:
var start = function () {
var i = 0;
var wsImpl = window.WebSocket || window.MozWebSocket;
window.ws = new wsImpl('ws://localhost:8181/');
ws.onmessage = function (e) {
$('#submit').hide();
$('#scanBtn').hide();
$('.loader').show();
if (typeof e.data === "string") {
//IF Received Data is String
}
else if (e.data instanceof ArrayBuffer) {
//IF Received Data is ArrayBuffer
}
else if (e.data instanceof Blob) {
i++;
var f = e.data;
f.name = "File" + i;
storedFiles.push(f);
formdata.append(f.name, f);
var reader = new FileReader();
reader.onload = function (e) {
var html = "<div class=\"col-sm-2 text-center\"
style=\"border: 1px solid black; margin-left: 2px;\"><img
height=\"200px\" width=\"200px\" src=\"" + e.target.result + "\"
data-file='" + f.name + "' class='selFile' title='Click to
remove'><br/>" + i + "</div>";
selDiv.append(html);
$('#submit').show();
$('#scanBtn').show();
$('.loader').hide();
}
reader.readAsDataURL(f);
}
};
ws.onopen = function () {
//Do whatever u want when connected succesfully
};
ws.onclose = function () {
$('.dalert').modal('show');
};
}
window.onload = start;
function scanImage() {
ws.send("1100");
};
https://javascript.info/websocket
In Winforms Project you scan document and send graphic data back to Asp.Net/Core project:
public partial class Form1 : Form
{
ImageCodecInfo _tiffCodecInfo;
TwainSession _twain;
bool _stopScan;
bool _loadingCaps;
List allSockets;
WebSocketServer server;
public Form1()
{
InitializeComponent();
if (NTwain.PlatformInfo.Current.IsApp64Bit)
{
Text = Text + " (64bit)";
}
else
{
Text = Text + " (32bit)";
}
foreach (var enc in ImageCodecInfo.GetImageEncoders())
{
if (enc.MimeType == "image/tiff") { _tiffCodecInfo = enc; break; }
}
this.WindowState = FormWindowState.Minimized;
this.ShowInTaskbar = false;
allSockets = new List<IWebSocketConnection>();
server = new WebSocketServer("ws://0.0.0.0:8181");
server.Start(socket =>
{
socket.OnOpen = () =>
{
Console.WriteLine("Open!");
allSockets.Add(socket);
};
socket.OnClose = () =>
{
Console.WriteLine("Close!");
allSockets.Remove(socket);
};
socket.OnMessage = message =>
{
if (message == "1100")
{
this.Invoke(new Action(()=> {
this.WindowState = FormWindowState.Normal;
}));
}
};
});
}
Link to project.
https://github.com/mgriit/ScanAppForWeb
You can remake this project, as you want.
Web browsers don't have permissions to use system devices like this(major security issue). There are 2 common ways of getting around this:
Make a custom control to run in your browser (flash, silverlight, java applet).
Make a "click-once deployment app" that a user launches from your page.
Both approaches would send the data back to your server via web
services or WCF, etc.
I installed a FMS 3.5 on my machine and created a new application with main.asc like this :
application.onAppStart = function()
{
/* Allow debugging */
this.allowDebug = true;
}
//Client is connected
application.onConnect = function( client )
{
//Accept the connection
application.acceptConnection( client );
client.allo = function(o) {
trace("test : " + o ) ;
trace("length : " + o.length ) ;
trace("objectEncoding : " + o.objectEncoding ) ;
return o ;
}
}
//Client disconnected
application.onDisconnect = function( client )
{
//Trace on the FMS Application console
trace( client+" is disconnected" );
}
This code prepare a function I call with my flex application, named "allo" and it returns the same byteArray in response.
The flex code is :
var anotherArray:ByteArray = new ByteArray();
anotherArray.objectEncoding = ObjectEncoding.AMF3;
anotherArray.writeObject(new String("foo"));
nconn.call(func, echoResponder, anotherArray);
As a result, I get an empty ByteArray with only length,encoding, endian and position parameters. And a tcpdump trace shows that the ByteArray is empty.
So I wonder if it's only a pointer which is sent, or maybe I misconfigured something.
Do you know a way to investigate further or solve this ?
Thanks for any help,
MP
I tried your code.
Sending...
var bytes:ByteArray = new ByteArray();
bytes.objectEncoding = ObjectEncoding.AMF3;
bytes.writeObject(new String("foo"));
nc.call("allo", new Responder(_onResult, _onStatus), bytes);
... and receiving...
private function _onResult(result:*):void
{
var bytes:ByteArray = ByteArray(result);
var str:String = String(bytes.readObject());
trace(str);
}
traces foo
I think your code is OK. Only difference is that I use FMS 4.
We have an ASP.Net site that redirects you to a url that shows a session-id. like this:
http://localhost/(S(f3rjcw45q4cqarboeme53lbx))/main.aspx
This id is unique with every request.
Is it possible to test this site using a standard visual studio 2008/2010 webtest? How can I provide the test this data?
I have to call a couple of different pages using that same id.
Yes, it is relatively easy to do this. You will need to create a coded webtest however.
In my example we have a login post that will return the url including the session string.
Just after the we yield the login post request (request3) to the enumerator I call the following.
WebTestRequest request3 = new WebTestRequest((this.Context["WebServer1"].ToString() + "/ICS/Login/English/Login.aspx"));
//more request setup code removed for clarity
yield return request3;
string responseUrl = Context.LastResponse.ResponseUri.AbsoluteUri;
string cookieUrl = GetUrlCookie(responseUrl, this.Context["WebServer1"].ToString(),"/main.aspx");
request3 = null;
Where GetUrlCookie is something like this:
public static string GetUrlCookie(string fullUrl, string webServerUrl, string afterUrlPArt)
{
string result = fullUrl.Substring(webServerUrl.Length);
result = result.Substring(0, result.Length - afterUrlPArt.Length);
return result;
}
Once you have the session cookie string, you can substitute it really easy in any subsequent urls for request/post
e.g.
WebTestRequest request4 = new WebTestRequest((this.Context["WebServer1"].ToString() + cookieUrl + "/mySecureForm.aspx"));
I apologise for my code being so rough, but it was deprecated in my project and is pulled from the first version of the codebase - and for saying it was easy :)
For any load testing, depending on your application, you may have to come up with a stored procedure to call to provide distinct login information each time the test is run.
Note, because the response url cannot be determined ahead of time, for the login post you will have to temporarily turn off the urlValidationEventHandler. To do this I store the validationruleeventhandler in a local variable:
ValidateResponseUrl validationRule1 = new ValidateResponseUrl();
urlValidationRuleEventHandler = new EventHandler<ValidationEventArgs>(validationRule1.Validate);
So can then turn it on and off as I require:
this.ValidateResponse -= urlValidationRuleEventHandler ;
this.ValidateResponse += urlValidationRuleEventHandler ;
The alternative is to code your own such as this (reflectored from the Visual Studio code and changed to be case insensitive.
class QueryLessCaseInsensitiveValidateResponseUrl : ValidateResponseUrl
{
public override void Validate(object sender, ValidationEventArgs e)
{
Uri uri;
string uriString = string.IsNullOrEmpty(e.Request.ExpectedResponseUrl) ? e.Request.Url : e.Request.ExpectedResponseUrl;
if (!Uri.TryCreate(e.Request.Url, UriKind.Absolute, out uri))
{
e.Message = "The request URL could not be parsed";
e.IsValid = false;
}
else
{
Uri uri2;
string leftPart = uri.GetLeftPart(UriPartial.Path);
if (!Uri.TryCreate(uriString, UriKind.Absolute, out uri2))
{
e.Message = "The request URL could not be parsed";
e.IsValid = false;
}
else
{
uriString = uri2.GetLeftPart(UriPartial.Path);
////this removes the query string
//uriString.Substring(0, uriString.Length - uri2.Query.Length);
Uri uritemp = new Uri(uriString);
if (uritemp.Query.Length > 0)
{
string fred = "There is a problem";
}
//changed to ignore case
if (string.Equals(leftPart, uriString, StringComparison.OrdinalIgnoreCase))
{
e.IsValid = true;
}
else
{
e.Message = string.Format("The value of the ExpectedResponseUrl property '{0}' does not equal the actual response URL '{1}'. QueryString parameters were ignored.", new object[] { uriString, leftPart });
e.IsValid = false;
}
}
}
}
}