Home > Archive > Java Security > May 2004 > Applet (website) communication to Applet (on my machine)
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Applet (website) communication to Applet (on my machine)
|
|
|
|
| Roedy Green 2004-04-30, 5:58 am |
| On Thu, 29 Apr 2004 11:42:21 -0400, "Québec" <notAgain@enough.ca>
wrote or quoted :
>
> Is communication with an applet on
>my machine (and reverse) possible, if I give socket permission to applet
>from my website. Someone knows a tutorial on this?
Applets do this all the time without permission. It ok to talk to
mom, (server from which the Applet was loaded) but it not ok to talk
to strangers unless you are signed and have permission.
To do some raw socket work or some HTTP GET POST see
http://mindprod.com/fileio.html for sample code.
--
Canadian Mind Products, Roedy Green.
Coaching, problem solving, economical contract programming.
See http://mindprod.com/jgloss/jgloss.html for The Java Glossary.
| |
| Québec 2004-04-30, 5:58 am |
| Is it ok for an application (or applet) on my machine (stranger) to talk to
mom (server from which the Applet was loaded). Let say I have the password
and ID of the mom.
JP
"Roedy Green" <see@mindprod.com.invalid> a écrit dans le message de to talk
to
> mom, (server from which the Applet was loaded)
news:rko290574pnc8ircm4nok4dpb6o9prgice@
4ax.com...
> On Thu, 29 Apr 2004 11:42:21 -0400, "Québec" <notAgain@enough.ca>
> wrote or quoted :
>
on[color=darkred]
>
> Applets do this all the time without permission. It ok but it not ok to
talk
> to strangers unless you are signed and have permission.
>
> To do some raw socket work or some HTTP GET POST see
> http://mindprod.com/fileio.html for sample code.
>
>
>
> --
> Canadian Mind Products, Roedy Green.
> Coaching, problem solving, economical contract programming.
> See http://mindprod.com/jgloss/jgloss.html for The Java Glossary.
| |
| Roedy Green 2004-04-30, 5:58 am |
| On Thu, 29 Apr 2004 17:17:52 -0400, "Québec" <notAgain@enough.ca>
wrote or quoted :
>Is it ok for an application (or applet) on my machine (stranger) to talk to
>mom (server from which the Applet was loaded). Let say I have the password
>and ID of the mom.
Applications can talk to whomever they please, so long as they have
the passwords.
Applets can only talk to mom, unless they are signed.
see http://mindprod.com/jgloss/applet.html
http://mindprod.com/jgloss/signedapplets.html
--
Canadian Mind Products, Roedy Green.
Coaching, problem solving, economical contract programming.
See http://mindprod.com/jgloss/jgloss.html for The Java Glossary.
| |
| Québec 2004-04-30, 1:47 pm |
| Ok.
Jp
"Roedy Green" <see@mindprod.com.invalid> a écrit dans le message de
news:5q33905v7l0ot1ndosp94k05heu4587ott@
4ax.com...
> On Thu, 29 Apr 2004 17:17:52 -0400, "Québec" <notAgain@enough.ca>
> wrote or quoted :
>
to[color=darkred]
password[color=darkred]
> Applications can talk to whomever they please, so long as they have
> the passwords.
>
> Applets can only talk to mom, unless they are signed.
>
> see http://mindprod.com/jgloss/applet.html
> http://mindprod.com/jgloss/signedapplets.html
>
> --
> Canadian Mind Products, Roedy Green.
> Coaching, problem solving, economical contract programming.
> See http://mindprod.com/jgloss/jgloss.html for The Java Glossary.
| |
| Michel Gallant 2004-04-30, 1:48 pm |
| Here is an example of an applet (for JPI 1.3+)
which can call to mom, pop, or any unknown relatives :-)
http://www.jensign.com/JavaScience/www/httpapplug
It simply returns the http headers returned by a host web server
you specify.
- Mitch Gallant
"Québec" <notAgain@enough.ca> wrote in message news:5rqkc.38073$6V5.461704@weber.videotron.net...
> Ok.
>
> Jp
> "Roedy Green" <see@mindprod.com.invalid> a écrit dans le message de
> news:5q33905v7l0ot1ndosp94k05heu4587ott@
4ax.com...
> to
> password
>
>
| |
| Michael Amling 2004-04-30, 1:48 pm |
| Michel Gallant wrote:
> Here is an example of an applet (for JPI 1.3+)
> which can call to mom, pop, or any unknown relatives :-)
> http://www.jensign.com/JavaScience/www/httpapplug
> It simply returns the http headers returned by a host web server
> you specify.
Note that when the dialog comes up, if you press the "Deny" button,
the applet runs, but only headers from www.jensign.com are displayed. Whew!
--Mike Amling
| |
| Michel Gallant 2004-04-30, 1:48 pm |
| What's the surprise?
If you are talking about the security dialog "Deny" button, that means that the
applet can still run, but only in sandboxed mode. It simply won't be given extended privileges.
A developer could of course choose to catch and display appropiate info to the user, but these
samples are mimimal samples only.
- Mitch
"Michael Amling" <nospam@nospam.com> wrote in message
news:wTskc.538$uQ4.220@newssvr16.news.prodigy.com...
> Michel Gallant wrote:
>
> Note that when the dialog comes up, if you press the "Deny" button,
> the applet runs, but only headers from www.jensign.com are displayed. Whew!
>
> --Mike Amling
>
| |
| Québec 2004-05-04, 4:05 pm |
| I have
plugin 1.4_03
The certificate has not been verified it will be considered has non signed.
Click OK
The applet does not seem to work.
"Michel Gallant" <neutron@NOSPAMistar.ca> a écrit dans le message de
news:T%skc.46747$OU.1123211@news20.bellglobal.com...
> What's the surprise?
> If you are talking about the security dialog "Deny" button, that means
that the
> applet can still run, but only in sandboxed mode. It simply won't be given
extended privileges.
> A developer could of course choose to catch and display appropiate info to
the user, but these
> samples are mimimal samples only.
> - Mitch
>
> "Michael Amling" <nospam@nospam.com> wrote in message
> news:wTskc.538$uQ4.220@newssvr16.news.prodigy.com...
Whew![color=darkred]
>
>
| |
| Michel Gallant 2004-05-04, 4:05 pm |
| I guess Sun changed the rules again about trustability.
With JPI 1.4.2_-2, the user has the option to trust the signature,
and allow permissions, even without the issuing cert being present
in the trusted cacerts file:
http://www.jensign.com/JavaScience/trust.jpg
- Mitch
"Québec" <notAgain@enough.ca> wrote in message news:J0Okc.82272$6V5.1028282@weber.videotron.net...
> I have
>
> plugin 1.4_03
> The certificate has not been verified it will be considered has non signed.
> Click OK
>
> The applet does not seem to work.
>
> "Michel Gallant" <neutron@NOSPAMistar.ca> a écrit dans le message de
> news:T%skc.46747$OU.1123211@news20.bellglobal.com...
> that the
> extended privileges.
> the user, but these
> Whew!
>
>
| |
| Québec 2004-05-04, 4:05 pm |
| It works now. I deleted the corrupted cacert file and it has been recreted
by the plugin.
"Michel Gallant" <neutron@NOSPAMistar.ca> a écrit dans le message de
news:lzPkc.57038$OU.1357527@news20.bellglobal.com...
> I guess Sun changed the rules again about trustability.
> With JPI 1.4.2_-2, the user has the option to trust the signature,
> and allow permissions, even without the issuing cert being present
> in the trusted cacerts file:
> http://www.jensign.com/JavaScience/trust.jpg
>
> - Mitch
>
>
> "Québec" <notAgain@enough.ca> wrote in message
news:J0Okc.82272$6V5.1028282@weber.videotron.net...
signed.[color=darkred]
given[color=darkred]
info to[color=darkred]
button,[color=darkred]
displayed.[color=darkred]
>
>
|
|
|
|
|