= Using file: protocol to link to the filesystem = Sometimes you may wish to use some `file:` protocol to link to files or directories accessed via the filesystem (be it local on your machine or on some intranet file server). == Security warning == It has a reason this is ''disabled in almost all browsers'' currently used and the reason is security. This has nothing to do with MoinMoin configuration, your browser decides what to do with file: URLs. /!\ If you enable it, some malicious web site might use such file: urls to load file content in some frame and read it out by javascript, for example. (if you know more details, please add them here) /!\ Question: How do you enable this? (!) So please, don't use this if you can solve that problem with normal file attachments and `attachment:` syntax. The moin 1.5+ GUI editor currently does not support file: in its dialogues. == General stuff == If you have spaces in your file names, replace them by `%20`. That method doesn't work for IE, though, so better don't use blanks in your file names. Syntax for links: {{{ file://///server/share/file # opens file (win32, smb) file://///server/share/file # opens file (linux, requires //server/share mounted on /server/share) file://///server/share/ # lists directory (win32, smb) }}} == Mozilla and Firefox == === Mozilla 1.7 and Firefox 1.0.x and older === Use `about:config` and set security.checkloaduri = false. === Mozilla 1.8 and Firefox 1.5 and newer === Using file: links is a bit more secure by only allowing it for some configurable web (or rather intranet) sites. Add this to user.js file: {{{ user_pref("capability.policy.policynames", "localfilelinks"); user_pref("capability.policy.localfilelinks.sites", "http://allowed1.intranet.company.com http://allowed2.intranet.company.com:8000"); user_pref("capability.policy.localfilelinks.checkloaduri.enabled", "allAccess"); }}} For the MoinMoin Desktop Edition, use {{{http://localhost:8080}}} in the second line. == IE == === 5.5 === Supports file: linking by default. === 6.0 === As for all security relevant things, you can configure the file download to one of the settings "enabled","disabled" or "prompt". Testing: file://///pc/public/test.txt - works with zone security settings at default values. "pc" is the local machine name. The web page containing this link came from the internet (moinmoin.wikiwikiweb.de). Is this intended? == Opera == === 7.54 and 8.x === Does not support linking but allows drag and drop of link into location bar. == More info about this topic == * [[http://tinyurl.com/ajo3c|meta.wikipedia.org]]. * [[http://kb.mozillazine.org/Firefox_:_Issues_:_Links_to_Local_Pages_Don't_Work|MozillaZine.org]] * [[http://cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00375.html|IE 5.x security issues]] * http://www.cs.tut.fi/~jkorpela/fileurl.html * [[http://www.microsoft.com/windows/ie/using/howto/security/setup.mspx|IE Security Zones]] == Useful other stuff == * Linux `mount -t cifs` * Samba server with unix extensions * pam_smb, pam_smbpass * alternatively maybe smbclient and a custom ff extension calling some script on `file:// download` using it