Cross-domain resource access (for Java files)

Discussion in 'Java' started by Andrew Thompson, Aug 18, 2008.

  1. I am in the process of developing an applet for marking-up
    Java source (HTML style) for presentation, and am using
    some source both on my domain(1), as well as Knute's
    rabbitbrush.frazmtn domain(2), as examples.

    (1)
    <http://pscode.org/fmt/sbx.html?url=http://pscode.org/jh/
    HelpSetter.java>
    (2)
    <http://pscode.org/fmt/?url=http://rabbitbrush.frazmtn.com/Pong2.java>

    The point of linking to the two sites is to highlight the
    security constraints. The applet for my own site is sandboxed,
    but to access source from Knute's site, the end user needs to
    accept the fully trusted version of the applet.

    I like this scheme because the user does not even get to
    'off site' source before a lot of bells and whistles, so
    it helps (in some obtuse way) to highlight that something
    unusual is happening.

    Of course, foreign servers may simply refuse connections to
    Java applications in total, and I would like to leave that
    option open to them (so my apps. will not fib about what
    they are).

    As well, in order to give 'credit where it is due', the
    applet makes a point of adding a bar on the bottom that
    offers a button that links /directly/ to the (Java)
    source document, and adds the message 'ClassName.java
    source courtesy of the.other.domain'.

    In my discussions of potential source at Knute's site for
    test documents, he suggested that perhaps I could use a
    proxy server to get the source into my site in the sandboxed
    applet.

    That is a good idea, but I am worried that is getting too
    close to resource theft, or the perception of that.

    What do folks around here, think?

    Recommendations on ways forward:
    - Leave the applet as is - it is just one more click to
    get to source from another site.
    - Implement a proxy server, have it identify itself
    as java might, and accept any refusals gracefully.
    - Implement a proxy server, have it identify itself
    as WTH it would normally identify itself, and accept
    any refusals gracefully.

    Acknowledgment:
    - Beef up the acknowledgment of source from a different
    host by (ideas) moving the info. bar to the top, or
    popping a JOptionPane at start-up.
    - Stop stressing about it - the current detail is good
    enough for Java programmers.

    --
    Andrew Thompson
    http://pscode.org/
     
    Andrew Thompson, Aug 18, 2008
    #1
    1. Advertising

  2. On Aug 18, 1:27 pm, Andrew Thompson <> wrote:
    ...
    > In my discussions of potential source at Knute's site for
    > test documents, he suggested that perhaps I could use a
    > proxy server to get the source into my site in the sandboxed
    > applet.


    And now I really think about it, Knute might just
    have meant a proxy for *his* site, since we have a
    pre-existing arrangement of linking to some of those
    resources.

    On the other hand, the applet will be configurable
    by URL*, so I need to think on a wider scale.

    * And I do not want to have to maintain a list of
    'buy in' domains, better to let the site refuse at
    the instant.

    Oh, and bug reports etc. are welcome, but I doubt
    that the document parsing ability will ever be
    flawless.

    --
    Andrew Thompson
    http://pscode.org/
     
    Andrew Thompson, Aug 18, 2008
    #2
    1. Advertising

  3. Andrew Thompson wrote:
    > On Aug 18, 1:27 pm, Andrew Thompson <> wrote:
    > ..
    >> In my discussions of potential source at Knute's site for
    >> test documents, he suggested that perhaps I could use a
    >> proxy server to get the source into my site in the sandboxed
    >> applet.

    >
    > And now I really think about it, Knute might just
    > have meant a proxy for *his* site, since we have a
    > pre-existing arrangement of linking to some of those
    > resources.


    No I meant to have at your site so that the applet you served up could
    get the source code page from there rather than having to get it from
    the actual site. This would save your applet from having to ask for
    permission. I don't know about you but I rarely look at signed applets
    unless I know where they are coming from.

    > On the other hand, the applet will be configurable
    > by URL*, so I need to think on a wider scale.


    And instead of proxying(sp) any page, maybe just the links in the applet
    can talk to the proxy? It might be handy to get at any page though.

    > * And I do not want to have to maintain a list of
    > 'buy in' domains, better to let the site refuse at
    > the instant.


    I think so too.

    > Oh, and bug reports etc. are welcome, but I doubt
    > that the document parsing ability will ever be
    > flawless.


    --

    Knute Johnson
    email s/nospam/knute2008/

    --
    Posted via NewsDemon.com - Premium Uncensored Newsgroup Service
    ------->>>>>>http://www.NewsDemon.com<<<<<<------
    Unlimited Access, Anonymous Accounts, Uncensored Broadband Access
     
    Knute Johnson, Aug 18, 2008
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dirc Khan-Evans
    Replies:
    1
    Views:
    935
    Karl Seguin
    Oct 17, 2005
  2. Replies:
    1
    Views:
    3,503
    CyberOwl
    Sep 7, 2009
  3. avishosh
    Replies:
    2
    Views:
    10,707
    avishosh
    Aug 8, 2004
  4. Heinrich Moser
    Replies:
    1
    Views:
    480
    Heinrich Moser
    Mar 27, 2008
  5. Lee

    Cross domain iframe access

    Lee, May 21, 2008, in forum: Javascript
    Replies:
    11
    Views:
    459
Loading...

Share This Page