Is it ever appropriate to have a main method in an applet?
I am trying to wrap my head around the rules of applet use. I realize that an applet does not have to have a main method (it can use init()
instead) but every code sample my professor provides is an applet with a main method, like in the code below.
My understanding was that it is not a good idea to have a main method in an applet because of security issues, is this correct? When (if ever) should I use a main method in an applet?
Also, my professor is using applets like this embedded into a PowerPoint presentation which he can then run easily during his presentation. Would it still be possible to run an applet like this which was embedded into a PowerPoint presentation if the applet used inti()
instead of main()
? I ask that because I cannot see any reason why he would use a main method in such an applet unless it was required for the applet to run properly when embedded into a PowerPoint presentation.
//EventDispatcherThreadDemo.java
import javax.swing.*;
public class EventDispatcherThreadDemo extends Japplet{
public EventDispatcherThreadDemo(){
add(new JLabel("Hi, it runs from an event dispatch threa开发者_StackOverflowd"));
}
public static void main(Stirng[] args){
SwingUtilities.invokeLater(new Runnable(){
public void run(){
JFrame frame = new JFrame("EventDispatcherThreadDemo");
frame.add(new EventDispatcherThreadDemo());
frame.setSize(200, 200);
frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
frame.setLocationRelativeTo(null);
frame.setVisible(true);
}
});
}
}
P.S. This has nothing to do with homework, just trying to learn more about applets.
The main
method does not have any special meaning to an applet.
Your professor is including it along with a few lines to fire up the class in a JFrame, to be able to run it from the command line too with a simple "java foobar" command. This as opposed to having to run the "appletviewer foobar" command which may have issues with being launched from another program like PowerPoint. it does not give the full Applet environment though, but the demonstration programs may be so simple, it doesn't matter.
Why he chose to do so instead of just presenting you with a big HTML page with the applets in, I do not know.
The main() has no security implications for an applet since it is not called by an applet container. Even if it was, the applet would still be confined to a security sandbox.
OTOH, developing a hybrid applet/application can make a lot of sense. Traditionally Frame based apps. were easier to develop and debug than applets.
It can also make sense if you want to offer both forms to the end user. ;)
See this example of a hybrid that might help demonstrate.
Unfortunately lots of example code takes short cuts which should not be followed. The danger here is that the learner is not in a good position what to imitate and what not to.
Applet life-cycle method and the main
method are example of upcalls. Like listeners they should be short, extract necessary information, encapsulate handling of the upcall and call a method on an object that is meaningful to that object (in particular not encumbered by dependency on the upcall).
Actually there is at least one security issue. Suppose your applet:
- Is signed
- Has debugging code left in its
main
method that does something potentially dangerous like write to a file
Then an attacker can create a Java Web Start application descriptor that points to your .jar file and launches your main
method with full privileges.
This specific attack can be defended against by adding an empty file called JNLP‑INF/APPLICATION.JNLP
to your .jar file. But there may be other possible attacks, so I think your professor is right to avoid it.
精彩评论