tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 44895] New: security environments for applets incorrect for jsp pages
Date Mon, 28 Apr 2008 18:49:18 GMT

           Summary: security environments for applets incorrect for jsp
           Product: Tomcat 5
           Version: 5.5.17
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: blocker
          Priority: P1
         Component: Jasper

Unsigned java applets are allowed to make socket connections to the server
where they originated. This is a fundamental design feature of the java applet
sandbox. When I run a working applet through a jsp page (and subsequently
tomcat 5.5) I lose this vital ability. This means my customers must mess and I
must mess unnecessarily with applet signatures.   This was verified by removing
the applet jar file from my war file deployment, deploying it separately, and
running the same <applet html tag from both a bare html script and a jsp script

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message