search

pkg / browser

Package browser provides helpers to open files, readers, and urls in a browser window.
BSD 2-Clause "Simplified" License
559 stars 99 forks source link

file:///tmp/browser.1293014077.html ERR_FILE_NOT_FOUND #46

Open guettli opened 2 years ago

guettli commented 2 years ago

I use it like this:

    request, err := http.NewRequest("POST", login_url, strings.NewReader(formData.Encode()))
    if err != nil {
        return err
    }
    request.Header.Set("Referer", login_url)
    request.Header.Set("Content-Type", "application/x-www-form-urlencoded")
    response, err := client.Do(request)
    if err != nil {
        return err
    }
    fmt.Printf("status code POST: %d\n", response.StatusCode)
    browser.OpenReader(response.Body)

The file /tmp/browser.1293014077.html contains the html.

But the browser seems to not find the file.

I use Chromium on Ubuntu Linux

image

KEINOS commented 2 years ago

The following example worked on macOS. If it worked for you too, you may have placed the files in an insecure directory.

package main

import (
    "log"
    "os"
    "path/filepath"

    "github.com/pkg/browser"
)

func main() {
    pathDirTmp, err := os.MkdirTemp(os.TempDir(), "sample_dir_*")
    if err != nil {
        log.Fatal(err)
    }

    pathFileTmp := filepath.Join(pathDirTmp, "sample_file.html")
    dummyContent := `<html><body>Hello World2</body></html>`

    // Create file under the temporary directory
    if err := os.WriteFile(pathFileTmp, []byte(dummyContent), 0644); err != nil {
        log.Fatal(err)
    }

    // Open the file in the browser
    // if err := browser.OpenURL(pathFileTmp); err != nil {
    //  log.Fatal(err)
    // }

    // Open the file for reading
    osFile, err := os.Open(pathFileTmp)
    if err != nil {
        log.Fatal(err)
    }

    // Consume the contents and present the results in a browser
    if err := browser.OpenReader(osFile); err != nil {
        log.Fatal(err)
    }

    // Open the directory of the temporary file
    if err := browser.OpenURL(pathDirTmp); err != nil {
        log.Fatal(err)
    }
}
Env info - Google Chrome v104.0.5112.101 - go version 1.18 and 1.19 (darwin/amd64)
guettli commented 2 years ago

You said "you may have placed the files in an insecure directory"

But I am using it like this:

browser.OpenReader(response.Body)

This means, that I am not explicitly putting the content into a directory....

I had a look at how this gets handled by Python, but that's a huge file: https://github.com/python/cpython/blob/3.10/Lib/webbrowser.py

Sorry, I need to leave now. Feel free to close this, if you don't have time and energy.

KEINOS commented 2 years ago

@guettli

But I am using it like this:

browser.OpenReader(response.Body)

Yes yes, that's why the file pointer is passed like this.

osFile, err := os.Open(pathFileTmp)
** snip **

err := browser.OpenReader(osFile)
** snip **

My point was that "Where was the temp file created?"

The path "/tmp/browser.1293014077.html" seems to be insecure. For example, on macOS, temporary files are created in private/var/folders.

file:///private/var/folders/8c/lmckjks95fj4h_jqzw4v3k_w0000gn/T/browser.140875179.html

The /tmp/browser.1293014077.html contained the response.Body value, so it is assumed that the OS or the browser is blocking it for security reasons. Not sure.

Try using os.MkdirTemp() and os.TempDir() to store the value of response.Body in a temporary directory. Then open it and look at the difference in paths.

Feel free to close this, if you don't have time and energy.

Unfortunately, I'm only a passer-by to help and don't have the privilege to close this issue.