• From: David Megginson <david@m...>
• To: "'xml-dev@i...'" <xml-dev@i...>
• Date: Fri, 7 May 1999 07:54:23 -0400 (EDT)

James Powell writes:

 > I've been trying to use the small aelfred java parser.
 > 
 > I've had problems when using it in an applet. Netscape
 > gives out security errors due to loading the XML file
 > off of a webpage.

The default security model in most browsers allows an applet to open
TCP/IP connections only to the host from which it was loaded.  For
example, if your applet is at http://www.foo.com/javastuff/stuff.jar,
it will be able to load

  http://www.foo.com/docs/bar.xml

but *not*

  http://www.hack.com/documents/snarf.xml

I think that that's getting better in newer browsers, but I haven't
looked for a while.  The JDK plug-in from Sun might also help.

Look at the bright side -- at least there's no equivalent of Melissa
in the Java world, yet (imagine if hostile applets could start
connecting to arbitrary SMTP hosts).


All the best,


David

-- 
David Megginson                 david@m...
           http://www.megginson.com/

xml-dev: A list for W3C XML Developers. To post, mailto:xml-dev@i...
Archived as: http://www.lists.ic.ac.uk/hypermail/xml-dev/ and on CD-ROM/ISBN 981-02-3594-1
To (un)subscribe, mailto:majordomo@i... the following message;
(un)subscribe xml-dev
To subscribe to the digests, mailto:majordomo@i... the following message;
subscribe xml-dev-digest
List coordinator, Henry Rzepa (mailto:rzepa@i...)

• References:
  • examples of aelfred use in applets required
    • From: James Powell <james.powell@b...>

• Prev by Date: Thread-safe SAX parsing (was Re: Java based XML parsers for server use.)
• Next by Date: Re: Java based XML parsers for server use.
• Previous by thread: examples of aelfred use in applets required
• Next by thread: La société DISTAL déménage à Boulogne Billancourt
• Index(es):
  • Date
  • Thread