Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / March 2007

Tip: Looking for answers? Try searching our database.

Java Redirect Problem

Thread view: 
Enable EMail AlertsStart New Thread
pat_cdp - 13 Mar 2007 06:25 GMT
Hi,

I have a need to conditionally navigate from a remote web page
which contains some html, some Java, and a signed java
applet, to a local html file. The condition will be based off of
a flag that I determine at run-time in a Java function; when the
condition is true, I want to redirect to something local, and
when the condition is false, I want to redirect to something
remote.

So far, I've tried document.write'ing various things from the the
javascript code (like adding a 0-second redirect, or adding a
'location.href = http://blahblahblah.com'.

I moved on to Java, where I've tried to change location by accessing
the DOM through JSObject and by trying various incantations to
getAppletContext().showDocument(). I was hoping that by running
in a secure context (from a SIGNED applet) I'd be able to
bypass these issues, but it doesn't help us directly. I can,
however, with the help of Java, run the browser from the command-
line with the new URL, and that will (sometimes) help us do what
I need, but it seems like a lot to go through to change a
simple URL.

Is there a blessed way to do this, or does this expose some
strange security issue?

TIA
Reply to this Message
Chris Uppal - 13 Mar 2007 18:16 GMT
> I have a need to conditionally navigate from a remote web page
> which contains some html, some Java, and a signed java
[quoted text clipped - 3 lines]
> when the condition is false, I want to redirect to something
> remote.

Just a thought, but I suspect that if you don't have difficulties now
persuading a browser to redirect from a page on the Web to a page on the user's
local filesystem, then you are likely to have problems in the future.

I'm not saying that it /is/ a problem, only that I think it /should/ be a
problem -- since (so far as the browser knows) no website can legitimately
know anything about the users local filesystem, any attempt to redirect there
is likely to be some sort of attack on the user's privacy.  And so the browser
ought to refuse it.

   -- chris
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.