Kieran France Kieran France is a programmer for IDRSolutions in charge of there internal test suite. In his spare time he enjoys tinkering with gadgets and code.

Thoughts on draconian security, JavaScript and the applets that use them.

54 sec read

When dealing with java applets it is important to remember that they are executed based upon a collection of permissions that prevent the applet from performing certain tasks unless permission is granted.

An unsigned applet has a collection of strict, almost draconian, restrictions, but for good reason. These restrictions are in place to protect the user from the actions of applets of unknown source. Unsigned applets are not allowed to access certain system properties or create files on the client machine among other things. It should also be noted that the applet can only connect to the server it originated from.

A signed applet is able to run almost completely as a native standalone application. They can write files on the client machine, access system properties and more.

Java applets placed onto a HTML page can be interacted with via JavaScript from the same page.  This is perfectly valid. Although any method called via JavaScript is held to the restrictions of a unsigned application. The reason for this seems to be that the applet can not determine the origin of the method call and therefore treats it as unsigned. The same method called from within the signed application is not restricted in the same way as the JavaScript invocation of the method.

For a simple life I find it is best to keep all calls to methods from an applet within the applet and not involve JavaScript in applet interaction. It helps to keep things simple and I’m sure we all want a simple life.

Did you know...

IDRsolutions offers a whole range of online file converters to convert PDF and Microsoft Excel, Word and Office Documents to HTML5, SVG or image formats?

It is free to use for single file conversions and also includes Developer links if you want to use our commercial software for bulk conversions. Find out more on this page

Kieran France Kieran France is a programmer for IDRSolutions in charge of there internal test suite. In his spare time he enjoys tinkering with gadgets and code.

Leave a Reply

Your email address will not be published. Required fields are marked *

IDRsolutions Ltd 2020. All rights reserved.