Thoughts on draconian security, JavaScript and the applets that use them.

When dealing with java applets it is important to remember that they are executed based upon a collection of permissions that prevent the applet from performing certain tasks unless permission is granted.

An unsigned applet has a collection of strict, almost draconian, restrictions, but for good reason. These restrictions are in place to protect the user from the actions of applets of unknown source. Unsigned applets are not allowed to access certain system properties or create files on the client machine among other things. It should also be noted that the applet can only connect to the server it originated from.

A signed applet is able to run almost completely as a native standalone application. They can write files on the client machine, access system properties and more.

Java applets placed onto a HTML page can be interacted with via JavaScript from the same page.  This is perfectly valid. Although any method called via JavaScript is held to the restrictions of a unsigned application. The reason for this seems to be that the applet can not determine the origin of the method call and therefore treats it as unsigned. The same method called from within the signed application is not restricted in the same way as the JavaScript invocation of the method.

For a simple life I find it is best to keep all calls to methods from an applet within the applet and not involve JavaScript in applet interaction. It helps to keep things simple and I’m sure we all want a simple life.

Ebook Page Link

The following two tabs change content below.
Kieran France is a programmer for IDRSolutions. He enjoys tinkering with most things including gadgets, code and electronics. He often has no idea what to write in his blog posts but tries his hardest to make them interesting and entertaining, he also makes no excuses for his odd sense of humor.

Related Posts:

KieranF

About Kieran France

Kieran France is a programmer for IDRSolutions. He enjoys tinkering with most things including gadgets, code and electronics. He often has no idea what to write in his blog posts but tries his hardest to make them interesting and entertaining, he also makes no excuses for his odd sense of humor.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>