Manipulating an applet is as easy as entering
javascript:document.getElementsByTagName("applet")[0].publicMethod();
into the address bar. How can I protect my applet from such manipulation?
views:
86answers:
3
+7
A:
It's not possible to implement security on the client side. You can make things more difficult by obfuscating your code, but obfuscation will only stop casual users from tampering. A determined and knowledgable user will be able to reverse engineer the applet even if it is obfuscated. No matter what you do, there will always be someone smart enough to figure out a way around it.
If security is important, do it on the server.
Mark Byers
2010-08-15 22:58:26
Thanks for clarifying.
George
2010-08-16 03:29:23
A:
Only public applet methods can be accessed. So the solution to your problem is making the method private/protected.
mhitza
2010-08-15 22:59:54
That was my first thought, but then init(), start(), mousePressed(), keyPressed(), etc. would still be exposed.
George
2010-08-15 23:03:05
@George: I am afraid you cannot do anything about that, they are part of inherited methods, anyway, so you can't make them "narrower" in access modifier :(
Michael Mao
2010-08-15 23:07:08
@George: Why don't you want people to use javascript callbacks to interact with your applet? Do you have something against people who require usability software in order to interact with computers?
Anon.
2010-08-15 23:29:21
In the end I realize that it's not really a serious issue, at least not for the program I'm working on currently.
George
2010-08-16 03:27:50
A:
Make the methods private. As for init(), start(), mousePressed(), keyPressed(), etc, just have those methods call upon the private ones
Parker
2010-08-15 23:09:06