这个小程序是否适用于冰茶JRE?
我提到了一个小型演示。在 Setting up policies for an Applet embedded in HTML&一个冰茶JRE用户评论说该演示。失败 对他们来说他们拒绝了对applet的许可(从而将其限制在沙盒中)&是假设看 绿色的'这个小程序是沙盒'页面。相反,小程序完全失败了,他们看到了一个“灰色空间” 小程序应该在哪里。
我想说它试图实例化一个File对象,这是不同的。 I.E.
Sun / Oracle JRE会毫无问题地允许它,只会引发安全性异常
当applet尝试创建JFileChooser时。 OTOH冰茶JRE不允许
要创建File。
因此,此代码应解决该问题。它移动了创建/添加
JEditorPane并安装1st
在new File(..)来电之前,“全部失败”消息,然后是绿色的“沙盒”页面。
我的问题是。对于使用Iced Tea JRE的用户,此代码是否“广告化”?
测试它:
- 访问applet pscode.org/test/docload/applet-latest.html
- 拒绝经过数字签名的代码。这对于创建正确的代码非常重要 测试applet的条件。
- 观察/报告applet是否加载绿色 sandbox.html。沙盒装 文件将代表修复错误的“成功”。
同样感兴趣(可能会有什么)是主页 Demo of Defensive Loading of Trusted Applets,链接 到小程序页面,小程序中显示的每个HTML文件,以及包含该小程序的ZIP存档 代码来源& HTML和一个Ant build.xml,这样你就可以“在家里做孩子们”。
这是新代码。
package org.pscode.eg.docload;
import java.awt.BorderLayout;
import java.awt.event.ActionListener;
import java.awt.event.ActionEvent;
import javax.swing.JApplet;
import javax.swing.JButton;
import javax.swing.JEditorPane;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import javax.swing.JFileChooser;
import java.net.URL;
import java.net.MalformedURLException;
import java.io.File;
import java.io.IOException;
import java.security.AccessControlException;
/** An applet to display documents that are JEditorPane compatible.
This applet loads in a defensive way in terms of the security environment,
in case the user has refused to accept the digitally signed code. */
public class DocumentLoader extends JApplet {
JEditorPane document;
@Override
public void init() {
System.out.println("init()");
JPanel main = new JPanel();
main.setLayout( new BorderLayout() );
getContentPane().add(main);
document = new JEditorPane("text/html",
"<html><body><h1>Testing</h1><p>Testing security environment..");
main.add( new JScrollPane(document), BorderLayout.CENTER );
System.out.println("init(): entering 'try'");
try {
// set up the green 'sandboxed URL', as a precaution..
URL sandboxed = new URL(getDocumentBase(), "sandbox.html");
document.setPage( sandboxed );
// It might seem odd that a sandboxed applet can /instantiate/
// a File object, but until it goes to do anything with it, the
// JVM considers it 'OK'. Until we go to do anything with a
// 'File' object, it is really just a filename.
System.out.println("init(): instantiate file");
File f = new File(".");
System.out.println("init(): file instantiated, create file chooser");
// Everything above here is possible for a sandboxed applet
// *test* if this applet is sandboxed
final JFileChooser jfc =
new JFileChooser(f); // invokes security check
jfc.setFileSelectionMode(JFileChooser.FILES_ONLY);
jfc.setMultiSelectionEnabled(false);
System.out.println(
"init(): file chooser created, " +
"create/add 'Load Document' button");
JButton button = new JButton("Load Document");
button.addActionListener( new ActionListener(){
public void actionPerformed(ActionEvent ae) {
int result = jfc.showOpenDialog(
DocumentLoader.this);
if ( result==JFileChooser.APPROVE_OPTION ) {
File temp = jfc.getSelectedFile();
try {
URL page = temp.toURI().toURL();
document.setPage( page );
} catch(Exception e) {
e.printStackTrace();
}
}
}
} );
main.add( button, BorderLayout.SOUTH );
// the applet is trusted, change to the red 'welcome page'
URL trusted = new URL(getDocumentBase(), "trusted.html");
document.setPage(trusted);
} catch (MalformedURLException murle) {
murle.printStackTrace();
document.setText( murle.toString() );
} catch (IOException ioe) {
ioe.printStackTrace();
document.setText( ioe.toString() );
} catch (AccessControlException ace) {
ace.printStackTrace();
// document should already be showing sandbox.html
}
}
@Override
public void start() {
System.out.println("start()");
}
@Override
public void stop() {
System.out.println("stop()");
}
@Override
public void destroy() {
System.out.println("destroy()");
}
}
2 个答案:
答案 0 :(得分:3)
这是java.stderr上的输出(相当于Java控制台的一半 - 另一半是java.stdout,在你的情况下是空的):
net.sourceforge.jnlp.LaunchException: Fatal: Initialization Error: Could not initialize applet.
at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:604)
at net.sourceforge.jnlp.Launcher.getApplet(Launcher.java:548)
at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:729)
Caused by: net.sourceforge.jnlp.LaunchException: Fatal: Launch Error: Jars not verified.
at net.sourceforge.jnlp.runtime.JNLPClassLoader.checkTrustWithUser(JNLPClassLoader.java:467)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:410)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:168)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:249)
at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:575)
... 2 more
Caused by:
net.sourceforge.jnlp.LaunchException: Fatal: Launch Error: Jars not verified.
at net.sourceforge.jnlp.runtime.JNLPClassLoader.checkTrustWithUser(JNLPClassLoader.java:467)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.initializeResources(JNLPClassLoader.java:410)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.<init>(JNLPClassLoader.java:168)
at net.sourceforge.jnlp.runtime.JNLPClassLoader.getInstance(JNLPClassLoader.java:249)
at net.sourceforge.jnlp.Launcher.createApplet(Launcher.java:575)
at net.sourceforge.jnlp.Launcher.getApplet(Launcher.java:548)
at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:729)
java.lang.NullPointerException
at net.sourceforge.jnlp.NetxPanel.runLoader(NetxPanel.java:99)
at sun.applet.AppletPanel.run(AppletPanel.java:380)
at java.lang.Thread.run(Thread.java:636)
java.lang.NullPointerException
at sun.applet.AppletPanel.run(AppletPanel.java:430)
at java.lang.Thread.run(Thread.java:636)
java.lang.Exception: Applet initialization timeout
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:637)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:270)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
java.lang.RuntimeException: Failed to handle message: handle 60822154 for instance 2
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:660)
at sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:270)
at sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
Caused by: java.lang.Exception: Applet initialization timeout
at sun.applet.PluginAppletViewer.handleMessage(PluginAppletViewer.java:637)
... 2 more
因此,如果我在对话框中按取消,看起来你的applet代码甚至都没有加载。
我认为你无法从Java端做到这一点 - 也许使用其他签名程序或JNLP启动applet会有所帮助。或者提交有关IcedTea的错误报告。
为了证明这一点,我通过省略applet中的所有关键内容创建了一个真正简单的applet:
package org.pscode.eg.docload;
import java.awt.FlowLayout;
import javax.swing.*;
public class Example extends JApplet {
JLabel label;
public void init()
{
System.out.println("init()");
SwingUtilities.invokeLater(new Runnable(){public void run() {
label = new JLabel("inited.");
getContentPane().setLayout(new FlowLayout());
getContentPane().add(label);
}});
}
@Override
public void start() {
System.out.println("start()");
label.setText("started.");
}
@Override
public void stop() {
System.out.println("stop()");
label.setText("stopped.");
}
@Override
public void destroy() {
System.out.println("destroy()");
label.setText("destroyed.");
}
}
我编译了这个并修改了你的HTML文件而不是使用它,它给出了完全相同的症状。
似乎IcedTea重新定义了当用户按下取消时要执行的操作。公平地说,对话框中的按钮是“运行”和“取消”,而不是“以所有权限运行”和“运行沙盒”。
(在Sun的对话框中有相同的按钮,但实际上它们意味着别的东西而不是问。)
答案 1 :(得分:1)
作为参考,我可以在Ubuntu 10.04上使用IcedTea 1.9.7确认@PaŭloEbermann的结果:
$ java -version java version "1.6.0_20" OpenJDK Runtime Environment (IcedTea6 1.9.7) (6b20-1.9.7-0ubuntu1~10.04.1) OpenJDK Client VM (build 19.0-b09, mixed mode, sharing)
appletviewer显示预期的sandbox和fllowing诊断输出。 Ubuntu上的Firefox仅提供Run(可信任)或Cancel(无)。
$ appletviewer http://pscode.org/test/docload/applet-latest.html
Warning: Can't read AppletViewer properties file: … Using defaults.
init()
init(): entering 'try'
init(): instantiate file
init(): file instantiated, create file chooser
java.security.AccessControlException: access denied (java.util.PropertyPermission user.home read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:393)
at java.security.AccessController.checkPermission(AccessController.java:553)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1302)
at java.lang.System.getProperty(System.java:669)
at javax.swing.filechooser.FileSystemView.getHomeDirectory(FileSystemView.java:397)
at javax.swing.plaf.metal.MetalFileChooserUI.installComponents(MetalFileChooserUI.java:282)
at javax.swing.plaf.basic.BasicFileChooserUI.installUI(BasicFileChooserUI.java:153)
at javax.swing.plaf.metal.MetalFileChooserUI.installUI(MetalFileChooserUI.java:155)
at javax.swing.JComponent.setUI(JComponent.java:651)
at javax.swing.JFileChooser.updateUI(JFileChooser.java:1781)
at javax.swing.JFileChooser.setup(JFileChooser.java:374)
at javax.swing.JFileChooser.(JFileChooser.java:347)
at javax.swing.JFileChooser.(JFileChooser.java:330)
at org.pscode.eg.docload.DocumentLoader.init(DocumentLoader.java:57)
at sun.applet.AppletPanel.run(AppletPanel.java:436)
at java.lang.Thread.run(Thread.java:636)
start()
stop()
destroy()
在Mac OS X上,Safari 5.05产生预期的结果;和appletviewer产生可比较但不相同的输出。
$ java -version
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07-334-9M3326)
Java HotSpot(TM) 64-Bit Server VM (build 19.1-b02-334, mixed mode)
$ appletviewer http://pscode.org/test/docload/applet-latest.html
init()
init(): entering 'try'
init(): instantiate file
init(): file instantiated, create file chooser
java.security.AccessControlException: access denied (java.io.FilePermission . read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:374)
at java.security.AccessController.checkPermission(AccessController.java:546)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
at java.lang.SecurityManager.checkRead(SecurityManager.java:871)
at java.io.File.exists(File.java:731)
at javax.swing.JFileChooser.setCurrentDirectory(JFileChooser.java:548)
at javax.swing.JFileChooser.(JFileChooser.java:334)
at javax.swing.JFileChooser.(JFileChooser.java:316)
at org.pscode.eg.docload.DocumentLoader.init(DocumentLoader.java:57)
at sun.applet.AppletPanel.run(AppletPanel.java:424)
at java.lang.Thread.run(Thread.java:680)
start()
stop()
destroy()
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?