tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 44895] New: security environments for applets incorrect for jsp pages
Date Mon, 28 Apr 2008 18:49:18 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=44895

           Summary: security environments for applets incorrect for jsp
                    pages
           Product: Tomcat 5
           Version: 5.5.17
          Platform: PC
               URL: http://www.brookgreenconsulting.com
        OS/Version: Linux
            Status: NEW
          Severity: blocker
          Priority: P1
         Component: Jasper
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: walter_b_marvin@yahoo.com


Unsigned java applets are allowed to make socket connections to the server
where they originated. This is a fundamental design feature of the java applet
sandbox. When I run a working applet through a jsp page (and subsequently
tomcat 5.5) I lose this vital ability. This means my customers must mess and I
must mess unnecessarily with applet signatures.   This was verified by removing
the applet jar file from my war file deployment, deploying it separately, and
running the same <applet html tag from both a bare html script and a jsp script


-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message