When dealing with java applets it is important to remember that they are executed based upon a collection of permissions that prevent the applet from performing certain tasks unless permission is granted.
An unsigned applet has a collection of strict, almost draconian, restrictions, but for good reason. These restrictions are in place to protect the user from the actions of applets of unknown source. Unsigned applets are not allowed to access certain system properties or create files on the client machine among other things. It should also be noted that the applet can only connect to the server it originated from.
A signed applet is able to run almost completely as a native standalone application. They can write files on the client machine, access system properties and more.
Java applets placed onto a HTML page can be interacted with via JavaScript from the same page. This is perfectly valid. Although any method called via JavaScript is held to the restrictions of a unsigned application. The reason for this seems to be that the applet can not determine the origin of the method call and therefore treats it as unsigned. The same method called from within the signed application is not restricted in the same way as the JavaScript invocation of the method.
For a simple life I find it is best to keep all calls to methods from an applet within the applet and not involve JavaScript in applet interaction. It helps to keep things simple and I’m sure we all want a simple life.
Latest posts by Kieran France (see all)
- Embedded base64 images, html and svg differences - June 12, 2013
- Changes to PDF printing - June 5, 2013
- Drawing Java Components without displaying them. - May 21, 2013
- Only hit the button marked “System.exit” in an emergency! - April 30, 2013
- When supporting the spec just isn’t enough - April 3, 2013