我有一个小程序从特定文件夹上传一些文件并将其删除,但是当我从我的javascript代码调用applet函数时出现问题,当我从init()调用该函数时,它工作正常。
我的小程序代码:
public class Uploader extends Applet {
String serverPath;
String clientPath;
private JSObject win;
@Override
public void init() {
serverPath = getParameter("serverPath");
clientPath = getParameter("clientPath");
try {
win = JSObject.getWindow(this);
} catch (JSException e) {
log.warning("Can't access JSObject object");
}
upload(topic,clientPath);
}
public void upload(String topic,String clientPath) {
log.log(Level.SEVERE, "upload functiond");
DefaultHttpClient client = new DefaultHttpClient();
MultipartEntity form = new MultipartEntity();
log.log(Level.SEVERE, "upload functiond2");
try {
File directory = new File(clientPath);
log.log(Level.SEVERE, "upload functiond2.2");
File[] files = directory.listFiles();
log.log(Level.SEVERE, "upload functiond2.5");
int i = 0;
for (File file : files) {
log.log(Level.SEVERE, "upload functiond2.6");
i++;
form.addPart("file" + String.valueOf(i), new FileBody(file));
System.out.println("adding file " + String.valueOf(i) + " " + file);
log.log(Level.SEVERE, "adding file " + String.valueOf(i) + " " + file);
}
log.log(Level.SEVERE, "upload functiond3");
form.addPart("topic", new StringBody(topic, Charset.forName("UTF-8")));
form.addPart("action", new StringBody(action, Charset.forName("UTF-8")));
form.addPart("path", new StringBody(serverPath, Charset.forName("UTF-8")));
HttpPost post = new HttpPost(serverPath);
....
这是我的javascript代码:
document.applet.upload(title,"c:\scan");
当我从javascript打电话时只打印日志:
log.log(Level.SEVERE, "upload functiond2.2");
请注意,当我从applet的init方法调用时,它可以正常工作。
我将我的代码包装成PriviligedAction,但只向前迈出一步并挂在
log.log(Level.SEVERE, "upload functiond2.5");
答案 0 :(得分:4)
Java和JS的交互使安全性变得复杂。 JRE不能信任JS,所以它决定了整个'操作链。包含您的代码是不可信的。有办法解决它。
代码需要包含在PrivilegedAction中,并使用doPrivileged(..) AccessController之一进行调用。查看{{1}}文档的顶部。 (在方法之上)以查看示例用法。