Applets: Cross Domain Network Access

brackeen · February 24, 2008, 7:59pm

Info on Silverlight 2:
http://weblogs.asp.net/scottgu/pages/silverlight-tutorial-part-3-using-networking-to-retrieve-data-and-populate-a-datagrid.aspx

[quote]Silverlight 2 applications can always call back to their “origin” server when making network calls (meaning they can call URLs on the same domain that the application was downloaded from). Silverlight 2 applications can also optionally make cross-domain network calls (meaning they can call URLs on different domains from where the application was downloaded from) when the remote web server has an XML policy file in place that indicates that clients are allowed to make these cross-domain calls.
[/quote]
Flash also has a cross domain policy file format. Should Java have something like this?

For games it could mean grabbing your friend list from a social networking site (Facebook, open social, etc) and list your high score compared to theirs. No need to write server-side code.

Matzon · February 24, 2008, 8:37pm

of course java should have this - it should have had it 10 years ago!

oNyx · February 25, 2008, 12:51am

Should Java have something like this?

Yes.

I actually was about to file an RFE today, but stopped in the middle, because there were only wrong options… and the thought that even if everything goes right it might take a decade… sorta put me off.

I anyone can be arsed, I’ll vote for it.

Matzon · February 25, 2008, 7:04am

The important bit, is that cross domain activity is only allowed by somekind of descriptor - preferably the flash format that silverlight has adopted too.
it should never ever default be allowed to do cross domain access - this is a huge security issues, as witnessed with the flash + local upnp hacks that have been seen lately.