Loading custom font security issues

roland · July 23, 2011, 11:48am

Hi, I have this code here that works fine offline, but fails online because of security IO issues.


font = Font.createFont(Font.TRUETYPE_FONT,new File("font.ttf")).deriveFont(20f);

I think the problem is that it is trying to load the font from the user’s file system instead of from the server. How can I fix this?
thanks

Dx4 · July 23, 2011, 1:27pm

roland:

Hi, I have this code here that works fine offline, but fails online because of security IO issues.
font = Font.createFont(Font.TRUETYPE_FONT,new File("font.ttf")).deriveFont(20f);
I think the problem is that it is trying to load the font from the user’s file system instead of from the server. How can I fix this?
thanks

try putting the font in the jar then using getClass().getClassLoader().getResourceAsStream( … ) and passing the stream into createFont instead. the accesscontrolcontext created by createFont with an input stream should have temp folder write permission.

HTH

David

roland · July 24, 2011, 3:25am

Thanks for the reply David. That sounds like a good way to do it.
I found another way too:

URL url = null;
		try 
		{
			url = new URL(getCodeBase(), "font.ttf");
			InputStream in=url.openStream();
			m_font = Font.createFont(Font.TRUETYPE_FONT,in).deriveFont(20f);
		} 
		catch (Exception e) {}

Dx4 · July 24, 2011, 7:55am

roland:

Thanks for the reply David. That sounds like a good way to do it.
I found another way too:

URL url = null;
		try 
		{
			url = new URL(getCodeBase(), "font.ttf");
			InputStream in=url.openStream();
			m_font = Font.createFont(Font.TRUETYPE_FONT,in).deriveFont(20f);
		} 
		catch (Exception e) {}

no worries, glad i could help.