feedback requested: security warning text
trembovetski
« Reply #60 - Posted 2009-04-23 04:58:24 »

Do not allow such behaviour on untrusted applications. Don't throw exception, just make it a no-op when the attempt is made.

What's so bad about this solution? It seems so obvious.

Well, for one, what do you do about Window? Disallow showing them? That'd break backward compatibility.

FYI, popup menus are undecorated windows (when they extend beyond toplevel bounds). And because of the wonderful swing architecture you can put whatever you want into a menu.

Another thing with placing warning into the title bar that I can see is that on Windows it may not be visible in some themes.
Also, what do you do about non-resizeable windows? If the title which includes the warning doesn't fit into the title bar, then what? Make window resizeable? But it'll break all kinds of applications which don't expect to be resized.

So, it ain't that easy.

Dmitri
trembovetski
« Reply #61 - Posted 2009-04-23 05:01:16 »

Yeah, now I agree that this would be better than the current warning sign. Like OrangyTang said, users are familiar with it.

Also, like was said before, applets shouldn't really need to pop up windows except for functional things like popping a file-open dialog which will always have a title bar (and won't be undecorated or translucent).

 If your applet doesn't show a window, there won't be an icon, so that's not a problem, right?

The issue is that if your applet does need a toplevel window, it will have to have a warning. And, same goes for webstart apps, since they definitely will have at least one toplevel window.
trembovetski
« Reply #62 - Posted 2009-04-23 05:06:02 »

Some apps are not signed. I'm not sure what limitations they have.... But couldn't find any on my basic test.

Reeeally? According to the docs _every_ Adobe air app must be signed before it can be deployed.
  http://www.adobe.com/devnet/air/articles/signing_air_applications.html

So what are we talking about here? Sign your java app/applet, and you're done, you'll be just like Air if that's what you like.

Riven
« Reply #63 - Posted 2009-04-23 05:59:54 »

Well, for one, what do you do about Window? Disallow showing them? That'd break backward compatibility.

FYI, popup menus are undecorated windows (when they extend beyond toplevel bounds). And because of the wonderful swing architecture you can put whatever you want into a menu.
Fair point.

But I'm fairly sure there is a way to determine whether Swing created a Window or whether the user did. (even if it means to analyze the stacktrace)

Isn't it all about raising the bar? I mean, currently, a context menu ALSO does NOT have a warning, even if you made it fullscreen.



Another thing with placing warning into the title bar that I can see is that on Windows it may not be visible in some themes.
Also, what do you do about non-resizeable windows? If the title which includes the warning doesn't fit into the title bar, then what? Make window resizeable? But it'll break all kinds of applications which don't expect to be resized.

Quote from: Riven
- suppress the length of the Frame title visually, frame.getTitle() must return the full title
 - append " - Java Applet Window" in the frame title.
That.

Riven
« Reply #64 - Posted 2009-04-23 06:04:46 »

Maybe keep the 'warning icon' for the 0.1% of applets that use java.awt.Windows?

zammbi
« Reply #65 - Posted 2009-04-23 06:38:28 »

Reeeally? According to the docs _every_ Adobe air app must be signed before it can be deployed.
  http://www.adobe.com/devnet/air/articles/signing_air_applications.html

So what are we talking about here? Sign your java app/applet, and you're done, you'll be just like Air if that's what you like.
Sorry I was mistaken. I thought they had sorted some of this problem in another way. But yeah it doesn't help in that case.

A random thought, would be nice if we could choose a theme of the security window/WS downloader.

Current project - Rename and Sort
Matzon
« Reply #66 - Posted 2009-04-23 06:45:57 »

Also, like was said before, applets shouldn't really need to pop up windows except for functional things like popping a file-open dialog which will always have a title bar (and won't be undecorated or translucent).
and html doesn't need popups either???

we *require* popups to launch our games! - if we don't have this feature we will have to migrate. Signing is not an option.

trembovetski
« Reply #67 - Posted 2009-04-23 07:15:15 »



But I'm fairly sure there is a way to determine whether Swing created a Window or whether the user did. (even if it means to analyze the stacktrace)

It's more complicated than that, again. What if the attacker replaces the contents of that menu? It may have been created by Swing, but the application is allowed to customize the contents. They don't have to play by the rules either, they can run stuff off the EDT. So it gets very complicated after a while.

Quote
Isn't it all about raising the bar? I mean, currently, a context menu ALSO does NOT have a warning, even if you made it fullscreen.

I am not actually sure, maybe they have a size trigger or something - if it gets bigger than a certain size, they have a warning window. I have vague recollections about wanting to investigate that at some point.

But the point is moot, I think - we have to support Window, and on Windows OS it won't have a border.

Quote
That.

I'm not sure what this is supposed to mean, sorry. Meaning, I thought I have pointed out specifically the issues with what you proposed.
trembovetski
« Reply #68 - Posted 2009-04-23 07:18:17 »


A random thought, would be nice if we could choose a theme of the security window/WS downloader.

To what degree? Just select from one of pre-defined themes? We can't allow customizing too much, or the attacker will put a picture of a cute puppy, and the user will not read anything but stare at the picture and click yes..

I think it's actually important that they all look the same. The overall appearance and wording of the current dialog may need to be improved though. I think this is being worked on - have you tried 6u14?
trembovetski
« Reply #69 - Posted 2009-04-23 07:22:14 »

Maybe keep the 'warning icon' for the 0.1% of applets that use java.awt.Windows?

So, leave the icon for Window and undecorated Frames, but take it out (with maybe some title warning) for decorated Frames?
Potentially could be done. But as I mentioned before, we can't guarantee that the warning put into the title will be seen by the user because of Theming support on Windows.

Also, you will have to put restrictions on where the frame is placed so that it doesn't get placed such that the title is not visible - we already do something like that for the icon anyway (and used to do for the whole window when we had a warning banner).
CommanderKeith
« Reply #70 - Posted 2009-04-23 07:22:29 »

@Matzon

I signed up to your site (certusgames) and had a look - I see that you use a pop-up to join a table.

Pretty nifty setup - you don't require any permission dialogs even though you're communicating with a server because I guess it's the same server that serves up the web page.

I never guessed that an applet would be as complex as yours, I always thought that such a thing would be a webstart app. I guess that the current triangle situation is the best for you.  Out of interest, why don't you use webstart?

PS: Could you use JInternalFrames instead of JDialogs? JInternalFrames wouldn't have the triangle, but obviously could only be displayed inside the Applet window...

zammbi
« Reply #71 - Posted 2009-04-23 07:34:41 »


Quote
To what degree? Just select from one of pre-defined themes? We can't allow customizing too much, or the attacker will put a picture of a cute puppy, and the user will not read anything but stare at the picture and click yes..
I was meaning pre-defined themes. I know that customizing is a no no and would be hard via parameters...

Quote
I think it's actually important that they all look the same. The overall appearance and wording of the current dialog may need to be improved though. I think this is being worked on - have you tried 6u14?
No I haven't. I'm currently on dial up speeds, so I'll wait for the update. Any sshots around?

Current project - Rename and Sort
Markus_Persson
« Reply #72 - Posted 2009-04-23 07:43:40 »

Why does backwards compatibility matter more than security?
If old applets were allowed full file system support, surely you'd break backwards compatibility over that?



and html doesn't need popups either???

we *require* popups to launch our games! - if we don't have this feature we will have to migrate. Signing is not an option.

html doesn't need popups, no. Many (most?) modern browsers block popups by default because it's annoying and evil.
Flash can't do popups at all, and it seems to work just fine.

[edit:]
No, wait, that's a lie.. It can pop up new browser windows. But not any window decorated in any which way.

Play Minecraft!
Riven
« Reply #73 - Posted 2009-04-23 08:15:37 »

I'm not sure what this is supposed to mean, sorry. Meaning, I thought I have pointed out specifically the issues with what you proposed.



Quote from: trembovetski
Another thing with placing warning into the title bar that I can see is that on Windows it may not be visible in some themes.
Also, what do you do about non-resizeable windows? If the title which includes the warning doesn't fit into the title bar, then what? Make window resizeable? But it'll break all kinds of applications which don't expect to be resized.
Let's say you have a frame with the title: "Very long title, just to be as descriptive as possible for people with a widescreen"

It would become: "Very long title, just to be as descriptive as possible f... - Java Applet Window"
If the frame would become very narrow: "Very lon... - Java Applet Window"
The frame has to become extremely narrow for the 'warning' to become stripped: "...va Applet Window" (which might still be enough)
If the frame becomes really really really tiny, just use the 'warning icon', just like on java.awt.Window

In all circumstances, frame.getTitle() should return "Very long title, just to be as descriptive as possible for people with a widescreen"


And maybe you can determine whether some WindowsTheme doesn't show the titlebar, and in that case... use the 'warning icon' ?

Maybe just use the warning icon as a fallback wherever possible, for that 0.1% of usecases.
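
The truncation rule described in the post above, sketched as an added example (not part of the original post and not AWT/JDK code): the application-supplied title is elided first, the warning suffix is cut last, and the warning icon is the fallback. The names `AppletTitleElider`, `Rendered` and `render`, the character-based width, and the `MIN_WARNING_TAIL` threshold are assumptions for illustration; records need Java 16 or later.

```java
import java.util.List;

// Added illustration, not AWT/JDK code. Width is counted in characters
// (assumption); a real toolkit would measure pixels with the title font.
public final class AppletTitleElider {
    static final String WARNING = " - Java Applet Window"; // suffix proposed in the thread
    static final String ELLIPSIS = "...";
    // Assumption: shortest warning tail still treated as readable,
    // taken from the "...va Applet Window" case in the post.
    static final int MIN_WARNING_TAIL = "va Applet Window".length();

    // Hypothetical result type: the text to draw, and whether the caller
    // must fall back to the warning icon because no usable warning fits.
    record Rendered(String text, boolean iconFallback) {}

    static Rendered render(String fullTitle, int maxChars) {
        String whole = fullTitle + WARNING;
        if (whole.length() <= maxChars) {
            return new Rendered(whole, false);
        }
        // Cut the application-controlled part first; the warning stays whole.
        int titleRoom = maxChars - WARNING.length() - ELLIPSIS.length();
        if (titleRoom >= 1) {
            return new Rendered(fullTitle.substring(0, titleRoom) + ELLIPSIS + WARNING, false);
        }
        // Too narrow for the whole warning: keep as much of its tail as fits.
        int tail = Math.min(maxChars - ELLIPSIS.length(), WARNING.length());
        if (tail >= MIN_WARNING_TAIL) {
            return new Rendered(ELLIPSIS + WARNING.substring(WARNING.length() - tail), false);
        }
        // Nothing recognisable fits: draw no title text, show the icon instead.
        return new Rendered("", true);
    }

    public static void main(String[] args) {
        // The example title from the post; the stored title is never modified.
        String title = "Very long title, just to be as descriptive as possible"
                     + " for people with a widescreen";
        for (int width : List.of(120, 80, 32, 19, 10)) {
            Rendered r = render(title, width);
            System.out.printf("%3d chars: \"%s\" iconFallback=%b%n",
                              width, r.text(), r.iconFallback());
        }
        System.out.println("getTitle() would still return: " + title);
    }
}
```

Because `render` only derives the displayed string, the value an application reads back through `getTitle()` is unaffected, and an untrusted application cannot push the warning out of view by supplying a longer title.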

Matzon
« Reply #74 - Posted 2009-04-23 08:34:24 »

I never guessed that an applet would be as complex as yours, I always thought that such a thing would be a webstart app. I guess that the current triangle situation is the best for you.  Out of interest, why don't you use webstart?

PS: Could you use JInternalFrames instead of JDialogs? JInternalFrames wouldn't have the triangle, but obviously could only be displayed inside the Applet window...

We don't use webstart because we can't show ads that way (especially flash banners).
Also, as one of the few places out there we *still* support java 1.1 (!!). - so a great deal of features are cut off from us (unless we're doing a java2+ build).

Matzon
« Reply #75 - Posted 2009-04-23 08:42:14 »

html doesn't need popups, no. Many (most?) modern browsers block popups by default because it's annoying and evil.
Flash can't do popups at all, and it seems to work just fine.
actually, you ARE using popups all the time - just inside the flash app (which requires a window mechanism of some sort). Same with html, it also uses css popups. They serve the same purpose. But when you are confined to limited area and have to use floating windows - you have a serious issue without using popups.

As much as I hate pop ups, I still use them a lot for showing multiple things.

We are able to use a tabbed interface and no popups version of a client, but it's much more intuitive that you go from a room to a table, and can keep both windows open - and even beside each other (mostly for the chatting in both locations at the same time).

Anyhow - I do *not* view popups as a security issue and as such it is not something that should be disabled?

Orangy Tang
« Reply #76 - Posted 2009-04-23 12:55:11 »

Because of our evilness, of course, we're out to harm the developers.

I don't think it was thought of "alien or unfamiliar". All we were trying to do is to get rid of the ugly java applet warning window (requested MANY times by the developers).
You say that tongue-in-cheek, but that's certainly how it feels a lot of the time. Time after time the UI decisions made in the name of "security" have been questionable or flat out wrong. If you don't think the utterly unheard of floating icon was alien or unfamiliar then frankly your UI design team is completely isolated from reality. The webstart security warning dialog was hideous in both appearance and wording and it's taken ages for it to be improved. Similarly the broken pop-unders that webstart would spawn and block an app from starting. I'm sure there's many other examples that other people have had issues with.

None of the problems you've listed against putting the warning in the title bar are insurmountable, nor are the workarounds unreasonable. But it reads like Sun has put so much effort and time into the crazy floating icon implementation that no-one wants to actually admit that it's a terrible idea and scrap it.

[ TriangularPixels.com - Play Growth Spurt, Rescue Squad and Snowman Village ] [ Rebirth - game resource library ]
Mr_Light
« Reply #77 - Posted 2009-04-23 17:35:01 »

- I'd opt for fade out centred thing when going full screen (ala flash)
- For undecorated + untrusted stuff I'd opt for a java cup. (with a relative size, not the fixed size the warning thing seems to be.)

If there's a warning message it should be something along the lines of (this applet is started/loaded from <server name/address> make sure that information you enter in this window is meant for the company/organisation that belongs to <server name/address>).

Quote
This applet is loaded from ibm.com make sure that information you enter in this window is meant for the company/organisation that belongs to ibm.com.

But I agree with the sentiment that this is kinda time bound - what ppl are used to now is probably the way to go for now.

You can also add more smartness into the mix, only do stuff for undecorated + key-capturing + untrusted applets. (this would solve awkwardness with menu popups.) I can't oversee all usecases but given you can do that right you might, and perhaps should be, more intrusive and go for the bar thing. and have it remember you clicking it away.

It's harder to read code than to write it. - it's even harder to write readable code.

The gospel of brother Riven: "The guarantee that all bugs are in *your* code is worth gold." Amen brother a-m-e-n.
kappa
« Reply #78 - Posted 2009-04-23 17:44:58 »

Agreed a small cute java cup would be much nicer than the warning sign, it could even have a small animation of steam coming out of it (provided it's not too cpu intense and only plays occasionally and not constantly, or even only play when the java frame gets focus so as to be a subconscious reminder that you are now focused on a java window and not a normal window so don't enter personal data and passwords).

Another thing is that you could hide the system tray icon when the cup is displaying, as the cup could double as a warning and perform the functionality of the system tray icon so as to stay friendly and let the user know that it's a java application.