Archive for November, 2007

1252 Part V . Putting JavaScript to Work

Friday, November 30th, 2007

Because NN4's security alerts provided (at times excruciating) detail about the nature of the privilege being requested by the Web site, targets had various risk levels and categories. These concerns are less of an issue in NN6, but they are provided here for your more complete understanding of the mechanisms beneath the Privilege Manager. Each target has associated with it a risk level (low, medium, or high) and two plain-language descriptions about the kinds of actions the target exposes to code. This information appears in the NN4 security privilege dialog box that faces a user the first time a particular signature requests privileges. All of the targets related to scripted access are medium or high risk, because they tend to open up local hard disk files and browser settings.

Netscape has produced two categories of targets: primitive and macro. A primitive target is the most limited target type. It usually confines itself to either reading or writing of a particular kind of data, such as a local file or browser preference. A macro target usually combines two or more primitive targets into a single target to simplify the user experience when your scripts require multiple kinds of access. For example, if your script must both read and write a local file, it could request privileges for each direction, but the user would be presented with a quick succession of two similar-looking security dialog boxes. Instead, you can use a macro target that combines both reading and writing into one privilege. The user sees one security dialog box, which, in NN4, explains that the request is for both read and write access to the local hard disk. Likely targets for scripted access include a combination of primitive and macro targets. Table 46-1 shows the most common script-related targets and the information that appears in the security dialog box.

For each call to netscape.security.PrivilegeManager.enablePrivilege(), you specify a single target name as a string, as in

netscape.security.PrivilegeManager.enablePrivilege("UniversalBrowserRead")

This specification allows you to enable, revert, and disable individual privileges as required in your script.

Table 46-1 Scripting-Related Privilege Targets

Target Name: UniversalBrowserAccess
Risk: High
Short Description: Reading or modifying browser data
Long Description: Reading or modifying browser data that may be considered private, such as a list of Web sites visited or the contents of Web forms you may have filled in. Modifications may also include creating windows that look like they belong to another program or positioning windows anywhere on the screen.

1251 Chapter 46 . Security and Netscape Signed Scripts

Friday, November 30th, 2007

no longer work. However, if you perform a purely binary transfer of the HTML files, every byte is the same, and the signature should work. This operating system-specific text representation affects only how files are stored on servers, not how various client platforms interpret the source code.

Accessing Protected Properties and Methods

For the browser to allow access to protected properties or methods, it must have its privileges enabled. Only the user can grant permission to enable privileges, but it is up to your code to request those privileges of the user.

Gaining privileges

NN4+ comes with some Java classes that allow signed scripts and other signed objects to display the privilege request alert windows, and then turn on the privileges if the user clicks the OK or Grant button. A lot of these classes show up in the netscape.security package, but scripters only work directly with one class and three of its methods:

netscape.security.PrivilegeManager.enablePrivilege([targetName])
netscape.security.PrivilegeManager.revertPrivilege([targetName])
netscape.security.PrivilegeManager.disablePrivilege([targetName])

The enablePrivilege() method is the one that displays the security alert for the user. In NN4, the specific target named as a parameter influenced the details of the security alert message; for NN6, the security alert is generic (and far less intimidating). If the user grants the privilege, script processing continues with the next statement. But if the user denies access, then processing stops, and the PrivilegeManager class throws a Java exception that gets displayed as a JavaScript error message. Later in this chapter I show you how to gracefully handle the user's denial of access.

Enabling a privilege in JavaScript is generally not as risky as enabling one for a Java applet. The latter can be more easily hijacked by an alien class that piggybacks on the trusted applet's privileges. Even though the likelihood of such activity taking place in JavaScript is very low, turning privileges off after the statement that requires privileges is always a good idea. Use the revertPrivilege() method to temporarily turn off the privilege; another statement that enables the same privilege target will go right ahead without asking the user again. Disable privileges only when the script requiring privileged access won't be run again until the page reloads.

Specifying a target

Rather than opening blanket access to all protected capabilities in one blow, the Netscape security model defines narrow capabilities that are opened up when privileges are granted. Each set of capabilities is called a target. Netscape defines dozens of different targets, but not all of them are needed to access the kinds of methods and properties available to JavaScript. You will likely confine your targets to the nine discussed here.
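The enable, act, revert pattern described above, written out as an added example (this is not the book's code). In a real NN4/NN6 page you would pass netscape.security.PrivilegeManager itself to withPrivilege(); to make the example runnable anywhere, a constructed stand-in plays the user's role, granting or refusing each target the first time it is requested and remembering the answer, so a later enable of the same target proceeds without a second dialog, exactly as the text says revertPrivilege() allows. The stand-in's policy table, its prompt counter, the "PrivilegeDenied" error name, and the decision to refuse UniversalBrowserAccess are all assumptions for the demo.

```javascript
// Added example (not from the book): enable a privilege target, do the
// protected work, and revert in every case, handling the user's refusal
// instead of letting it surface as a JavaScript error.

// Constructed stand-in for netscape.security.PrivilegeManager. It models only
// what the text describes: the first request for a target shows a dialog and
// a refusal throws; a granted target is remembered so later requests do not
// prompt again; revert/disable switch the target off without forgetting the
// grant. The policy table, prompt counter and error name are assumptions.
function makeSimulatedPrivilegeManager(userPolicy) {
  const granted = new Set();   // targets the user has agreed to
  const enabled = new Set();   // targets currently switched on
  let prompts = 0;             // number of dialog boxes the user saw
  return {
    enablePrivilege(target) {
      if (!granted.has(target)) {
        prompts += 1;                       // first request: security dialog
        if (!userPolicy[target]) {
          const err = new Error("user refused privilege " + target);
          err.name = "PrivilegeDenied";     // stands in for the Java exception
          throw err;
        }
        granted.add(target);
      }
      enabled.add(target);                  // already granted: no dialog
    },
    revertPrivilege(target) { enabled.delete(target); },
    disablePrivilege(target) { enabled.delete(target); },
    isEnabled(target) { return enabled.has(target); },
    promptCount() { return prompts; },
  };
}

// Run `action` with `target` enabled on privilege manager `pm` (the real
// netscape.security.PrivilegeManager in NN4/NN6, the stand-in elsewhere).
// The privilege is reverted in a finally block so it never stays on past the
// statements that needed it, and a refusal is returned as data, not thrown.
function withPrivilege(pm, target, action) {
  try {
    pm.enablePrivilege(target);
  } catch (e) {
    return { ok: false, reason: String(e && e.message ? e.message : e) };
  }
  try {
    return { ok: true, value: action() };
  } finally {
    pm.revertPrivilege(target);
  }
}

// Constructed demo: the user grants UniversalBrowserRead but refuses
// UniversalBrowserAccess.
function demoPrivileges() {
  const pm = makeSimulatedPrivilegeManager({
    UniversalBrowserRead: true,
    UniversalBrowserAccess: false,
  });
  const first = withPrivilege(pm, "UniversalBrowserRead",
    () => pm.isEnabled("UniversalBrowserRead"));          // on while action runs
  const second = withPrivilege(pm, "UniversalBrowserRead",
    () => "no second dialog");                            // remembered grant
  const refused = withPrivilege(pm, "UniversalBrowserAccess",
    () => "never runs");
  return {
    first, second, refused,
    prompts: pm.promptCount(),                            // one per target
    leftOn: pm.isEnabled("UniversalBrowserRead"),         // reverted: false
  };
}
```

The finally block is the point: whether the action returns or throws, the target is turned off again, so a later (possibly hijacked) statement does not inherit it. Disable rather than revert only where the text says to, when the privileged code will not run again before the page reloads.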

1250 Part V . Putting JavaScript to Work

Thursday, November 29th, 2007

page, the ARCHIVE attribute would be located in the main

Editing and moving signed scripts

The nature of the script signing process means that even the slightest modification you make to signed script source code requires re-signing the page. For this reason, enabling codebase principals while you create and debug your early code is a convenient alternative. The rigid link between the hash value of a script element at both the signing and visitor loading times means that you must exercise care when shifting an HTML file that contains signed script elements between servers of differing operating systems. Windows, UNIX, and Macintosh have different ways of treating carriage returns. If you change the representation of an HTML source file when you move the source from, say, a Windows machine to a UNIX server, then the signature may

1249 Chapter 46 . Security and Netscape Signed Scripts

Thursday, November 29th, 2007

The SignTool utility uses the ARCHIVE attribute to assign a name to its archive output file. After the signed page loads into the visitor's browser, the attribute points to the file containing signed script information. Having more than one JAR archive file associated with a signed page is possible. Typically, such a situation calls for a second JAR archive overseeing a confined portion of the page. That second archive file may even be embedded in the primary archive file, allowing a script segment signed by one principal to be combined with scripts signed by a different principal.

The ID attribute

More perplexing to scripters coming to script signing for the first time is the ID attribute. The ID attribute is merely a label for each script. Each script must have a label that is unique among all labels specified for a JAR archive file. As with the ARCHIVE attribute, the ID plays a dual role. When you run your page through SignTool, the utility scans the page for these ID attributes. When SignTool encounters one, it calculates a hash value (something like a checksum) on the content of the script.

For a function handler, the ID attribute comes after the event handler inside the object tag, as follows:

And for a JavaScript entity, the ID attribute must be specified in an empty tag boundary.

An event handler, even one that calls a function living in a tag.

1247 Chapter 46 . Security and Netscape Signed Scripts

Wednesday, November 28th, 2007

Depending on which version of Navigator you are running, if you set up your browser for codebase principals, you may not be able to verify a certificate that is presented to you when accessing someone else's Web site, even if it is a valid cryptographic certificate. Therefore, even though secure requests won't slip past you silently, your Navigator won't necessarily have the protective shield it normally does to identify certificate holders beyond the URL of the code. Enable codebase principals only on a copy of Navigator that doesn't venture beyond your development environment. To activate codebase principals for your copy of Navigator, follow these steps:

1. Quit Navigator.
2. Search your hard disk for a Navigator 4 support file named prefs.js or a Navigator 6 support file named all.js.
3. Edit the version-specific file in a text editor as follows:
   a. For NN4, add the following line to the end of the prefs.js file:
      user_pref("signed.applets.codebase_principal_support", true);
   b. For NN6, change the codebase_principal preference in all.js from false to true:
      pref("signed.applets.codebase_principal_support", true);
4. Save the file.

To deactivate codebase principals, quit Navigator and then change the true setting of the affected line to false. Because Navigator 4 rebuilds the preference file upon quitting, the entry will be in alphabetical order rather than at the end of the file where you first entered it. This preferences setting does not affect your ability to sign scripts with your certificate as described in the rest of this chapter.

Signing Scripts

The process of signing scripts entails some new concepts for even experienced JavaScript authors. You must use a separate signing tool program. You must also prepare the page that bears scripts so that the tool and the object signing facilities of the browser can do their jobs.
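The preference edit from the steps above, done as a small script rather than by hand (an added example, not from the book). It covers the two file shapes the steps describe: NN4's prefs.js takes a new user_pref() line at the end, and because NN4 rewrites the file in alphabetical order on quit, a line that already exists is flipped in place rather than duplicated; NN6's all.js already carries a pref() line whose value is changed in place. Only the codebase_principal_support line comes from the text; the surrounding sample file contents are constructed.

```javascript
// Added example (not from the book): toggle codebase principals in a
// Navigator preferences file without duplicating the line.
const PREF_NAME = "signed.applets.codebase_principal_support";
const PREF_RE_NAME = PREF_NAME.replace(/\./g, "\\.");

// Matches an existing line for this pref written with `fn` (user_pref or pref).
function prefLineRegExp(fn) {
  return new RegExp(
    "^[ \\t]*" + fn + "\\(\\s*\"" + PREF_RE_NAME + "\"\\s*,\\s*(true|false)\\s*\\)\\s*;?[ \\t]*$",
    "m");
}

// browser: "NN4" (prefs.js, user_pref) or "NN6" (all.js, pref).
// Returns the rewritten file text.
function setCodebasePrincipalPref(fileText, browser, enabled) {
  if (browser !== "NN4" && browser !== "NN6") throw new Error("browser must be NN4 or NN6");
  const fn = browser === "NN4" ? "user_pref" : "pref";
  const line = fn + "(\"" + PREF_NAME + "\", " + (enabled ? "true" : "false") + ");";
  const re = prefLineRegExp(fn);
  if (re.test(fileText)) {
    return fileText.replace(re, line);   // flip in place, wherever NN4 moved it
  }
  if (browser === "NN6") {
    // all.js ships with the pref() line present; a missing line means the wrong file.
    throw new Error(PREF_NAME + " not found; expected an existing pref() line in all.js");
  }
  const sep = fileText.length === 0 || fileText.endsWith("\n") ? "" : "\n";
  return fileText + sep + line + "\n";   // NN4: append to the end of prefs.js
}

// What the file currently says (absent counts as off).
function codebasePrincipalsEnabled(fileText) {
  const m = fileText.match(new RegExp(
    "(?:user_pref|pref)\\(\\s*\"" + PREF_RE_NAME + "\"\\s*,\\s*(true|false)"));
  return m !== null && m[1] === "true";
}

// Constructed sample files (assumed contents; not copied from a real install).
const NN4_PREFS_JS = [
  'user_pref("browser.startup.homepage", "http://home.netscape.com/");',
  'user_pref("general.useragent.override", "");',
].join("\n") + "\n";
const NN6_ALL_JS = [
  'pref("browser.startup.homepage", "http://home.netscape.com/");',
  'pref("signed.applets.codebase_principal_support", false);',
  'pref("security.warn_submit_insecure", true);',
].join("\n") + "\n";

function demoPrefEdits() {
  const nn4On = setCodebasePrincipalPref(NN4_PREFS_JS, "NN4", true);
  const nn4Twice = setCodebasePrincipalPref(nn4On, "NN4", true);   // must not duplicate
  const nn4Off = setCodebasePrincipalPref(nn4Twice, "NN4", false);
  const nn6On = setCodebasePrincipalPref(NN6_ALL_JS, "NN6", true);
  const nn6Off = setCodebasePrincipalPref(nn6On, "NN6", false);
  const count = (t) => (t.match(/codebase_principal_support/g) || []).length;
  return {
    nn4Before: codebasePrincipalsEnabled(NN4_PREFS_JS),  // false: line absent
    nn4On: codebasePrincipalsEnabled(nn4On),             // true
    nn4Lines: count(nn4Twice),                           // 1
    nn4Off: codebasePrincipalsEnabled(nn4Off),           // false
    nn6On: codebasePrincipalsEnabled(nn6On),             // true
    nn6Off: codebasePrincipalsEnabled(nn6Off),           // false
    nn6Restored: nn6Off === NN6_ALL_JS,                  // true: byte-identical again
  };
}
```

Quit Navigator before writing the file back, as step 1 says, or NN4 will overwrite your edit when it rebuilds prefs.js on exit. Keep this switched on only in a development copy of the browser; while it is on, the certificate verification the text describes is weakened for every site you visit with that copy.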
Signing tool

Download the latest version of Netscape's SignTool from links you find at http://developer.netscape.com:80/software/signedobj/jarpack.html (you find different versions for a variety of Windows and Unix versions). This tool includes a utility program called a JAR Packager. A JAR file is a special kind of zipped file collection that has been designed to work with the Navigator security infrastructure. The letters of the name stand for Java ARchive, which is a file format standard developed primarily by Sun Microsystems in cooperation with Netscape and others. A JAR file's extension is .jar, and when it contains signed script information, it holds at least one file, known as the manifest, or list of items zipped together in the file. Among the items in the manifest is certificate information and data (a hash

1246 Part V . Putting JavaScript to Work

Tuesday, November 27th, 2007

The Digital Certificate

Before you can sign a script or other object, you must apply for a digital certificate. A digital certificate (also called a digital ID) is a small data file that gets downloaded and bound to the developer's Navigator browser on a particular computer. Each downloaded digital certificate appears in the list of certificates under the Mine category in Navigator 6's Security Manager window (accessible through the Tasks menu). If you have not yet applied for a certificate, the list is empty. When you sign a page with the certificate, information about the certificate is included in the file generated by the signing tool. Possession of a certificate makes you what is known as a principal. If a user loads a page that has signed stuff in it, a security alert advises the user that a Web site is requesting enhanced privileges.

Certificates are issued by organizations established as certificate authorities. A certificate authority (known as a CA for short), or a certificate server authorized by a CA, registers applicants and issues certificates to individuals and software developers. When you register for a certificate, the CA queries you for identification information, which it verifies as best it can. The certificate that is issued to you identifies you as the holder of the certificate. Under the Authorities category of the Security Manager window are the certificate authorities loaded into the browser when you installed the browser. These are organizations that issue certificates. The CA of the organization that issues your certificate must be listed for you to sign scripts.

How to get a certificate

You must visit a certificate vendor to obtain your certificate. The cost ranges from about $20 to many hundreds of dollars depending on the vendor and the type of certificate you want to obtain. One vendor that is aware of the needs of Netscape object signing is Thawte Digital Certificate Services (www.thawte.com). This CA offers a certificate expressly for developers performing Netscape object signing. Verisign (www.verisign.com) is also recommended. Because one of the foundations of a certificate is the identity of the certificate owner, registration requires submitting documentation that proves the identity of your organization. Each CA has different requirements, so check the latest information at the CA's enrollment Web site. After the CA processes your application, the company sends you an e-mail message with a code number to pick up your certificate at the CA's Web site. The act of picking up the certificate is actually downloading the certificate into your browser. Therefore, be sure you are using the Navigator browser on the computer that you will use to sign your pages.

Activating the codebase principal

If you want to try out the capabilities available to signed scripts from a server without purchasing a certificate (or without going through the signing process described later in this chapter during script development and debugging), you can set up your copy of Navigator to accept what is called a codebase principal in place of a genuine certificate. A codebase principal means that the browser accepts the source file as a legitimate principal, although it contains no identification as to the owner or certificate.

1245 Chapter 46 . Security and Netscape Signed Scripts

Tuesday, November 27th, 2007

be a Java applet, a plug-in, or a script) with the electronic equivalent of a wax seal stamped by the author's signet ring. At the receiving end, a user is informed that a sealed chunk of code is requesting some normally protected access to the computer or browser. The user can examine the seal to see who authored the code and the nature of access being requested. If the user trusts the author not to be a Bad Guy, the user grants permission for that code to execute; otherwise the code does not run at all.

Additional checks take place before the code actually runs. That electronic seal contains a reduced representation (a hash) of the code as it was locked by the author, encrypted with the author's private key. The browser recomputes the hash over the code it received and compares it with the one in the seal (it takes only a fraction of a second to check); if the two do not match, the code has been modified since it was signed and will not run. In truth, nothing prevents an author from being a Bad Guy, including someone you may normally trust. The point of the object signing system, however, is that a trail leads back to the Bad Guy. An author cannot use this technology to sneak into your computer or browser without your explicit knowledge and permission.

Signed objects and scripts

A special version of the signed object technology is the one that lets scripts be locked down by their author and electronically signed. Virtually any kind of script in a document can be signed: a linked .js library, scripts in the document, event handlers, and JavaScript entities. As described later in this chapter, you must prepare your scripts for being signed, and then run the entire page through a special tool that attaches your electronic signature to the scripts within that page.

What you get with signed scripts

If you sign your scripts and the user grants your page permission to do its job, signed scripts open up your application to a long list of capabilities, some of which border on acting like genuine local applications. Because the designers of NN4+ know that signed scripts are available to authors, a huge number of properties and actions are exposed to authors. The most obvious power you get with signed scripts is freedom from the restrictions of the same origin policy. All object properties and methods that perform origin checks for access in other frames and windows become available to your scripts without any special interaction with the user beyond the dialog box that requests the one-time permission for the page. Some operations that normally display warnings about impending actions (sending a form to a mailto: URL or closing the main browser window under script control) lose those warning dialog boxes if the user grants the appropriate permission to a signed script. Object properties considered private information, such as individual URLs stored in the history object and browser preferences, are opened up, including the possibility of altering browser preferences. Existing windows can have their chrome elements hidden. New windows can be set to be always raised or lowered, sized to very small sizes, or positioned offscreen. The dragDrop event of a window reveals its URL. All of these are powerful points of access, provided the user grants permission. Again, however, I emphasize that these capabilities are accessible via Netscape's signed script policy only. Internet Explorer, at least through Version 5.5, does not support Netscape's signed script policy.

1244 Part V . Putting JavaScript to Work

Monday, November 26th, 2007

a document from a different origin. But in IE4+ and W3C DOM browsers, scripts from one origin won't be able to modify (or even copy) partial content from a frame whose content comes from another origin.

NN4 layer object checks

While most of an NN4 layer's content is protected by the restrictions that apply to the document object inside, a layer object also has a potentially revealing src property. This is essentially similar to the location.href property of a frame. Thus the src property requires an origin check before yielding its information.

Form object checks

Form data is generally protected by the restriction to a document's forms[] array. But should a script in another window or frame also know the name of the form, that, too, won't enable access unless both documents come from the same origin.

Applet object checks

The same goes for named Java applets. A script cannot retrieve information about the class file name unless both documents are from the same origin (although the applet can be from anywhere). LiveConnect access from a Java applet to JavaScript is not an avenue to other windows and frames from other origins. Any calls from the applet to the objects and protected properties described here undergo origin checks when those objects are in other frames and windows. The applet assumes the origin of the document that contains the applet, not the applet codebase.

Image object checks

While image objects are accessible from other origins, their src and lowsrc properties are not. These URLs could reveal some or all of the URL info about the document containing them.

Linked script library checks

To prevent a network-based script from hijacking a local script library file, NN4+ prevents a page from loading a file: protocol library in the SRC attribute of a
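The origin comparison behind the checks listed above, together with the signed-script bypass described under "What you get with signed scripts" earlier on this page, as an added example (not the book's code). Two URLs share an origin when protocol, host and port agree; a cross-origin read of a guarded property is refused unless the relevant privilege target is enabled; an applet is judged by the document that embeds it, not its codebase; and a page loaded from the network may not pull a script library from the local disk. The guarded property list, the page objects, the choice of UniversalBrowserRead as the bypassing target, and the reading of the (cut-off) file: rule as "network document, file: library" are assumptions for the demo.

```javascript
// Added example (not from the book): Netscape-style origin checks, the
// signed-script bypass, and the file: library rule.

function defaultPort(protocol) {
  return { "http:": "80", "https:": "443", "ftp:": "21" }[protocol] || "";
}

// Origin = protocol + host + port (explicit, or the scheme's default).
function origin(urlString) {
  const u = new URL(urlString);
  return { protocol: u.protocol, host: u.hostname, port: u.port || defaultPort(u.protocol) };
}

function sameOrigin(urlA, urlB) {
  const a = origin(urlA), b = origin(urlB);
  return a.protocol === b.protocol && a.host === b.host && a.port === b.port;
}

// Properties the text singles out as origin-checked (names assumed for the
// demo). Image objects themselves are reachable cross-origin; only their
// src/lowsrc are guarded.
const PROTECTED = new Set([
  "location.href", "layer.src", "image.src", "image.lowsrc",
  "form.elements", "applet.code",
]);

// `accessor` and `owner` are documents ({url}); `privileges` holds the
// targets currently enabled. A cross-origin read of a guarded property is
// refused unless UniversalBrowserRead is on (the signed-script bypass).
function readProtected(accessor, owner, prop, value, privileges = new Set()) {
  if (!PROTECTED.has(prop)) return { ok: true, value };
  if (sameOrigin(accessor.url, owner.url) || privileges.has("UniversalBrowserRead")) {
    return { ok: true, value };
  }
  return {
    ok: false,
    reason: prop + " refused: " + origin(accessor.url).host + " is not " + origin(owner.url).host,
  };
}

// An applet takes the origin of the document that embeds it, not its codebase.
function appletOrigin(embeddingDocUrl, _codebaseUrl) {
  return origin(embeddingDocUrl);
}

// A page served over the network may not load a library through
// SRC="file:..."; a page that is itself local may. (Assumed reading of the rule.)
function mayLoadLibrary(docUrl, srcAttr) {
  const src = new URL(srcAttr, docUrl);           // SRC may be relative
  const doc = new URL(docUrl);
  return !(src.protocol === "file:" && doc.protocol !== "file:");
}

// Constructed demo pages.
function demoOriginChecks() {
  const page = { url: "http://www.example.com/app/page.html" };
  const sibling = { url: "http://www.example.com:80/app/frame.html" };  // :80 is the default
  const foreign = { url: "http://www.other-site.net/index.html" };
  const none = new Set();
  const signed = new Set(["UniversalBrowserRead"]);
  return {
    sameSite: readProtected(page, sibling, "location.href", sibling.url, none),   // ok
    crossSite: readProtected(page, foreign, "location.href", foreign.url, none),  // refused
    crossSigned: readProtected(page, foreign, "location.href", foreign.url, signed), // ok
    imageSize: readProtected(page, foreign, "image.width", 120, none),            // ok: not guarded
    appletHost: appletOrigin(page.url, "http://cdn.other-site.net/classes/").host, // www.example.com
    localLibFromNet: mayLoadLibrary(page.url, "file:///C:/libs/private.js"),      // false
    localLibFromLocal: mayLoadLibrary("file:///C:/dev/page.html", "file:///C:/libs/private.js"), // true
    netLibFromNet: mayLoadLibrary(page.url, "../libs/common.js"),                 // true
  };
}
```

Note what the bypass costs: once UniversalBrowserRead is on, every guarded read succeeds regardless of origin, which is why the earlier section insists on reverting the privilege right after the statement that needs it.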