开发者

java.net.SocketPermission - strange behaviour

问答 作者:

I was creating a java applet to collect and proces some data from other websites. The applet is unsigned, and, as I understand it, access to other sites is blocked for security reasons.

However, it seems at least one of the other sites is not block开发者_StackOverflowed. I tried this code:

package where;

import java.awt.BorderLayout;
import java.awt.Container;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.URL;
import javax.swing.JApplet;
import javax.swing.JLabel;
import javax.swing.JTextArea;

public class TestPermissions extends JApplet {
JTextArea txt = new JTextArea();
public void openURL(String site)  {
    txt.append(site+": ");
    try {
        URL url = new URL(site);
        BufferedReader in = new BufferedReader(
                new InputStreamReader(
                        url.openStream()));
        txt.append("Succes\n");
    } catch (Exception e) {
        txt.append("Failed\n");
        txt.append(e.getMessage()+"\n");
        System.err.println(e.getMessage());
    }

}
public void init() {
    openURL("http://www.buienradar.nl/");
    openURL("http://buienradar.nl/");
    openURL("http://www.google.nl/");
    openURL("http://whatismyipaddress.com/");
    openURL("http://www.google.com/");
    openURL("http://www.nrg.eu/");
    openURL("http://www.ecn.nl/");
    Container cp = getContentPane();
    cp.setLayout(new BorderLayout());
    cp.add(BorderLayout.CENTER, txt);
}
}

And the result is:

http://www.buienradar.nl/: Failed
access denied (java.net.SocketPermission www.buienradar.nl:80 connect,resolve)
http://buienradar.nl/: Failed
access denied (java.net.SocketPermission buienradar.nl:80 connect,resolve)
http://www.google.nl/: Failed
access denied (java.net.SocketPermission www.google.nl:80 connect,resolve)
http://whatismyipaddress.com/: Succes
http://www.google.com/: Failed
access denied (java.net.SocketPermission www.google.com:80 connect,resolve)
http://www.nrg.eu/: Failed
access denied (java.net.SocketPermission www.nrg.eu:80 connect,resolve)
http://www.ecn.nl/: Failed
access denied (java.net.SocketPermission www.ecn.nl:80 connect,resolve)

I do understand the "access denied" repsonses, but why was access granted to http://whatismyipaddress.com

I welcome answers or hints or suggestions for reference.

Dear Dacwe,

Thanks for your response.

My server's name is not whatismyipaddress.com.

I put the applet on a server: http://www.vitanova.co.nr/test/TestPermissions.html

the code is at:

http://www.vitanova.co.nr/test/where/TestPermissions.java

In addition put another applet on the server that obtains data from whatismyipaddress.com (actually the estmated location of the PC) and tries to get weather data from buienradar for that location, the latter fails because of the applet security.

http://www.vitanova.co.nr/test/ReadURL.html

the code is at:

http://www.vitanova.co.nr/test/where/ReadURL.java

This is the crossdomain.xml feature since 6u10. Have a look at http://whatismyipaddress.com/crossdomain.xml

<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>

See What Applets Can and Cannot Do.

I could think of some things that might be wrong:

  • Your server's name is whatismyipaddress.com (the applet may "call home")
  • Bug in your test code (do you have more code?)
  • JVM bug (not likely)

Crossdomain.xml does not resolve your problem. You must sign your applet to make it works with cross-domain.

继续阅读:appletcrossdomain.xmlsecurity

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9