This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
That's a Flash thing, isn't it? Anyway, what cross-domain issue would there be with JWS? The application runs on the client and the server is basically just a place to get new versions from.
Joined: Aug 27, 2002
There is an internet attack called crossdomain attack.
You get your Java application with JWS from one domain and try to access another another domain from you Java application.
Flash player checks the crossdomain.xml on the another domain to decide if it it allowed.
Yes, I am familiar with that. But consider how applets work in that context: An applet can't connect to any server except the one it was downloaded from. So far so good, no cross-domain access. Until you sign the applet, that is. Then it can connect to anything in the world. So it's an all-or-nothing choice.
I think it's the same with JNLP; there's an "all-permissions" element (I think) in the JNLP file which acts pretty much the same as signing the applet. All or nothing there, too.