Lecture 3
Applet
Security
There are some restrictions applets face
- things that applets are not allowed to do. The following notes
examine these restrictions and the reasons underlying them.
Things
Applets Are Not Allowed To Do
Some
Implications
Things
Applets Are Not Allowed To Do
There are things applets are not allowed to do for security reasons.
If these security policies were not implemented then user's would be reluctant
to execute an unknown applet (loaded over a network) on their computer in case
it compromised their system, (by intent or by accident).
Security
Restrictions
Every browser must implement security policies to keep applets from compromising
the system security of the user's computer. Currently, browsers impose the following restrictions on any applet that is
loaded over a network:
Applets...
- cannot ordinarily read or write files on the host computer on which it
is executing.
- cannot make network connections except to the host that it came from.
- cannot start any program on the host computer on which it is executing.
- cannot read certain system properties on on the host computer on which
it is executing.
- that are loaded from the local file system (from a local folder) have none of the restrictions that
applets loaded over the network do.
Applets that are loaded from the local file system (from a local folder) have none of the restrictions that
applets loaded over the network do. I.e. using appletviewer to
run your local applets you may be able to read and write to files on your
computer.
Be aware that sometimes, an applet may work perfectly in appletviewer
but will not run properly in a browser. This is because a browser
imposes security restrictions on the applet.
Some
Implications
When creating applets,
there are a extra considerations.
Applets
With Images - Run in a Browser.
Let's
suppose you are trying to run an applet that has to load an image locally
and that image is stored in the same local folder as the applet class file.
-
Using
appletviewer it may run perfectly fine, it looks for the image in the same
folder as the class file and finds it.
-
Using
a browser you may get an error message such as:-
Now,
let's suppose you are trying to run an applet that has to load an image over a
network from a server and that image is stored in the same remote folder
as the applet class file.
Using
a browser you may get a similar error message but this may also be because the browser cannot find the image file. It is probably looking
in the local system for the image file and applets are NOT allowed to
read files from a local system if the applet is loaded over a network.
To
ensure an image is looked for and loaded from the correct folder (the folder
which contains the class file), either from a local or remote computer, you
can use the getCodeBase method. This method returns the
location (URL) of the image file relative to where the
applet's code was loaded from (code base ).
We can
then use the getImage method that lets you specify
a base URL as one argument, followed by a second argument that specifies the
image file location, relative to the base URL. I.e.
getImage
(getCodeBase(),"anImage.gif");
You
must also import an extra package:-
import
java.net.*
|