Kieran France Kieran France is a programmer for IDRSolutions. He enjoys tinkering with most things including gadgets, code and electronics. He spends his time working on the the JPedal library and our internal test suite..

Thoughts on draconian security, JavaScript and the applets that use them.

54 sec read

When dealing with java applets it is important to remember that they are executed based upon a collection of permissions that prevent the applet from performing certain tasks unless permission is granted.

An unsigned applet has a collection of strict, almost draconian, restrictions, but for good reason. These restrictions are in place to protect the user from the actions of applets of unknown source. Unsigned applets are not allowed to access certain system properties or create files on the client machine among other things. It should also be noted that the applet can only connect to the server it originated from.

A signed applet is able to run almost completely as a native standalone application. They can write files on the client machine, access system properties and more.

Java applets placed onto a HTML page can be interacted with via JavaScript from the same page.  This is perfectly valid. Although any method called via JavaScript is held to the restrictions of a unsigned application. The reason for this seems to be that the applet can not determine the origin of the method call and therefore treats it as unsigned. The same method called from within the signed application is not restricted in the same way as the JavaScript invocation of the method.

For a simple life I find it is best to keep all calls to methods from an applet within the applet and not involve JavaScript in applet interaction. It helps to keep things simple and I’m sure we all want a simple life.

IDRsolutions develop a Java PDF Viewer and SDK, an Adobe forms to HTML5 forms converter, a PDF to HTML5 converter and a Java ImageIO replacement. On the blog our team post anything interesting they learn about.

Kieran France Kieran France is a programmer for IDRSolutions. He enjoys tinkering with most things including gadgets, code and electronics. He spends his time working on the the JPedal library and our internal test suite..

Leave a Reply

Your email address will not be published. Required fields are marked *