34

I need to read the system time from the environment variables on the client's OS. I searched on Stackoverflow and found that this isn't possible. However, those answers were from 2010 and I want to ask if anything has changed since.

Is it possible with some kind of framework? or Javascript is still sandboxed and cut off from OS?

Max
1,0611 gold badge12 silver badges20 bronze badges
asked Jan 23, 2014 at 17:47
7
  • 8
    If JavaScript could manipulate OS Environment Variables, we'd all be screwed. Commented Jan 23, 2014 at 17:51
  • 2
    I don't mean to write there. Just Read ;> Commented Jan 23, 2014 at 17:51
  • It's still insecure, so you're still not allowed to do it (why would it have changed?). What do you need to read them for? Commented Jan 23, 2014 at 17:51
  • I guess you mean this answer: Javascript environment variables? Yes, it is still valid if you're looking for ways to read them from a website within a browser. Commented Jan 23, 2014 at 17:55
  • I variables like : %TIME% %DATE% Commented Jan 23, 2014 at 18:22

6 Answers 6

21

szpic, if Javascript were not sandboxed from the OS, any half-witted criminal could get onto your computer and take control. Allowing environmental variables is way too low level to ever be allowed.

Take a look at all of your environmental variables and ask yourself if everyone on the planet should have access to all that data about your computer.

If you want to do this with Javascript, you'll have to use a special web browser, such as node-webkit. It isn't going to run on any normal web browser, though, so don't expect more than 0.0001% of the population to expect to run your page.

I don't know your intended use, but one trick, to throw in an environmental variable, is to make a shortcut to your web application, and include it in there as a URL parameter (at least on Winblows).

http://myapp.com?computername=%COMPUTERNAME%
answered Jan 23, 2014 at 17:51
Sign up to request clarification or add additional context in comments.

1 Comment

It depends on browser you use! Did you heard about node-webkit?
8

the javascript Date() Object provides the clients system time.

answered Mar 3, 2017 at 5:21

2 Comments

And is the only correct answer IMHO. Ie: You do not need ENV access.
What was the purpose of all above answers? This is a straight-forward solution.
6

FWIW.... Just playing around with an .HTA file (yes that uses the MSIE 'engine' so you can probably forget about other browsers) and the following JavaScript reads the %TEMP% path variable to set a filepath+name for safely writing a temporary file. This works OK for me :

var oTest = new ActiveXObject("wscript.shell");
pathTest = oTest.ExpandEnvironmentStrings("%TEMP%") + "\\test_it.txt";
oTest = null;
alert(pathTest); // proves we can read %TEMP%
// and create the file, to complete the example
var oFSO = new ActiveXObject("Scripting.FileSystemObject");
var fil = oFSO.CreateTextFile(pathTest, true);
fil.WriteLine("Hello wonderful world!");
fil.Close();
answered Apr 28, 2014 at 22:26

3 Comments

Sorry to bump such an old post, but Is there any special reason for the oTest = null; at the end? Is it somehow "freeing" the object or something? Is it important?
That's the idea. Try it with and without - I like to keep things tidy and clear up after myself :)
Found this answer on another question here on SO: stackoverflow.com/a/5835896/1661358. It might help someone that has the same doubts.
5

All of the answers are today (at the time of writing) long outdated. :)

Of course, JS is still sandboxed, but that does not prevent anyone from using something like environment variables in client software. What you need to know and use wisely is the transfer of data of any kind from the operating system into a front-end application.

Several front-end frameworks may help here. E.g. an Angular application created with @angular/cli provides use cases for different environments out of the box. In an application configuration file (e.g. angular.json) you can configure the options, variables, values, whatever you need that you transport into your front end application via e.g. webpack. They may only be read once and can not change at runtime.

Following library nwjs.io tries something new: it lets you call all Node.js modules directly from DOM.

In docked/docker environments, there are other expectations for backend and frontend software, and these environments are configured differently and properly constrained from the OS's point of view.

answered Apr 23, 2019 at 15:27

Comments

4

There is only one way to do this - by using special web browser. Something like node-webkit. It integrates webkit engine with node.js, so you can use it together with DOM.

document.write(require('os').type());

But as everybody else said - there is no chance to do it with "normal" web browser.

answered Jan 23, 2014 at 17:57

Comments

1

This was possible using VBScript but support is removed in IE11. If you are in an IE environment (such as an internal Intranet) then you can convert your VB Code (CreateObject("wscript.shell")) to use ActiveX instead. This will get you around the issue that VB Script is depreciated in IE11 Edge mode and allow your page to access your environment variables and be used in Edge mode. Obviously this is IE only but if you were using VBScript before it was also IE only.

var ax = new ActiveXObject("wscript.shell");
uname = ax.ExpandEnvironmentStrings("%USERNAME%");
av = null;
alert(uname);
answered Sep 8, 2014 at 10:07

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.