从Javascript调用的Applet方法
我有一个小程序从特定文件夹上传一些文件并删除它们,但是当我从我的javascript代码调用applet函数时出现问题,当我从init()
调用该函数时它工作正常。
我的applet代码:
public class Uploader extends Applet { String serverPath; String clientPath; private JSObject win; @Override public void init() { serverPath = getParameter("serverPath"); clientPath = getParameter("clientPath"); try { win = JSObject.getWindow(this); } catch (JSException e) { log.warning("Can't access JSObject object"); } upload(topic,clientPath); } public void upload(String topic,String clientPath) { log.log(Level.SEVERE, "upload functiond"); DefaultHttpClient client = new DefaultHttpClient(); MultipartEntity form = new MultipartEntity(); log.log(Level.SEVERE, "upload functiond2"); try { File directory = new File(clientPath); log.log(Level.SEVERE, "upload functiond2.2"); File[] files = directory.listFiles(); log.log(Level.SEVERE, "upload functiond2.5"); int i = 0; for (File file : files) { log.log(Level.SEVERE, "upload functiond2.6"); i++; form.addPart("file" + String.valueOf(i), new FileBody(file)); System.out.println("adding file " + String.valueOf(i) + " " + file); log.log(Level.SEVERE, "adding file " + String.valueOf(i) + " " + file); } log.log(Level.SEVERE, "upload functiond3"); form.addPart("topic", new StringBody(topic, Charset.forName("UTF-8"))); form.addPart("action", new StringBody(action, Charset.forName("UTF-8"))); form.addPart("path", new StringBody(serverPath, Charset.forName("UTF-8"))); HttpPost post = new HttpPost(serverPath); ....
这是我的javascript代码:
document.applet.upload(title,"c:\scan");
当我从javascript打电话时只打印日志:
log.log(Level.SEVERE, "upload functiond2.2");
请注意,当我从applet的init
方法调用时,它工作正常。
我将我的代码包装到PriviligedAction
,但只向前迈出一步并坚持下去
log.log(Level.SEVERE, "upload functiond2.5");
Java和JS的交互使安全性变得复杂。 JRE不能信任JS,因此它决定包含代码的整个“操作链”是不可信的。 有办法解决它。
代码需要包装在PrivilegedAction
并使用doPrivileged(..)
之一的AccessController
方法调用。 查看AccessController
文档的顶部。 (在方法上方)查看示例用法。