>>34
But you don't want to add potential problems, regardless of how "basic" they might be. Ideally the basic premise of sharing something shouldn't involve lit fuses even if you can put them out easily, and pointing to PHP as insecure is a terrible argument for other things to be insecure as well.
>>35 might be on to something. However given by the (rather screwball) standard of Java's JAR files, maybe zip would be better. I suppose the browser would then fetch that and load its index.html.