Java socket bridge

So I'm trying to create a socket bridge in Java to allow me to use actual sockets in Javascript. It works like this:
I include the applet where I want to use sockets, get a reference to it with Javascript, and then I can call applet code by using ref.code.

The applet must be signed and given permission so it can make connections to any domain. Only the main thread has these permissions. You also can't call the socket functions directly from Javascript.

My question is if I start a thread from the main thread will it have the same permissions as the main thread? Is it possible to call code from a thread and have that code run in the thread?

this blog post might help you http://blog.carrythezero.com/?p=5
this is a cool idea since websockets is a weird hack that includes http headers and crap.


import java.util.Socket;
import java.util.Factory;

/* Initializes main process */
public static void enterprise object Main(String[] argumentSingleton.getInstance()) {
    SocketInstance socket = new SocketFactoryFactory(new Decorator.getObject().GC.deploy);
    return new Integer(new Float(0.toInteger()));
    }

>>2
Yeah, exactly. Web sockets fucking suck. Most browsers don't even support them by default. I really wish there was a library that gave Javascript a nice BSD socket API. There's this: http://stephengware.com/proj/javasocketbridge/ but unfortunately it only supports one socket at a time.

Imagine all the cool shit we could do if we had this lib.

I'm interested in the subject of this thread. So, what's the best alternative for using sockets in web pages? Websockets? Java? Flash?

Two tin cans and a rope.

>>5

You'd probably need to know more about the application of sockets to find an appropriate substitute, and a good substitute might not exist for every usage case of sockets. You might need to design your application around the limitations imposed by the substitute to sockets that you choose.

>>5
Long polling with graceful degradation?

It can be done. You can talk to Java applets from Javascript. You can proxy your requests to Java and have it do the socket operations and then return the results. The applet will need to be signed and given permission by the user and then it can access all domains.

I will start work on this when I'm not hung over but I have faith I can create an API for
send
recv
bind
listen
accept
connect
close

Shouldn't be too hard. I'll base it on BSD sockets. Even if the API is ugly as fuck (which it probably will due to contrived requirements imposed by permissions) the software will still be immensely useful.

/prog/ should start their own version too. I hate Java as a language so I don't know how this will go.

>>5
Flash was once used for this purpose but it's too tight now and you can't get out. The problem with using flash is there are so many different versions and I question it's availability compared to Java. I brought up Java for this because applets can really do a lot of stuff, including socket operations that go cross-domain providing they are signed.

There are web applications that run on the client which need sockets. Facebook chat is a good example. It uses some shit, and that works well when the software they're client is all controlled by them. But what if you wanted to create something like an IRC client in Javascript? You could do it by coding a socket proxy in PHP but that's a stupid solution too. The client should be able to make their own connections.

So I hope something like a Java socket bridge exists soon.

Imagine the cool software we could create if this existed. Obviously we can already do so with Java but nobody wants to touch it.

>>11

I've heard that having built in features like this for java script is a security vulnerability, but I don't really understand why myself. I guess it could try to open a bunch of sockets on a bunch of ports to find out what port are in use? And reporting results back to a server? Maybe it could try to connect to other machines on your local network, and report results? Or I guess if you are on a LAN, and yall depend on a firewall on the main router for security, then malicious website could have malicious javascript execute on your computer, from within the firewall, and then have less restricted access to the other machines on the LAN? And possibly try to perform some exploits on software listening on ports that would have been blocked by the firewall? Maybe it could open a socket to the host computer and mess up a program listening on a port on your own machine? I dunno.

>>12
I have to admit this does open doors to the wrong people. Anything that can be done with networking could take place once you allowed the applet permission: Your computer could be used to host a malicious website, proxy server, transfer funds from banks, DoS services, connect to places behind your firewall like you said, port scanning and exploitation -- you could write a web-based worm that spread by just going to a website.

Interesting for software development though. Like I said before, this would allow web developers to create a lot of cool stuff quite easily if it's done right.

>>13

yeah, it would be interesting to see what types of things people could do with a standardized and available interface for client side sockets on web pages. I wouldn't be anything new in the sense that people could just download native applications and run them on their own computer to get the same generality, and this is pretty much what you get once people start using APPS instead of accessing websites through a browser. So the capability is already there, both for usefulness and for security breaches. I guess people just trust the APPS they install better than websites they go through while browsing.