• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Calling Servlet with Javascript ?

 
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi friends
I would want to know if call servlet from javascript is good practice or no?
I always call servlet from other servlet (mvc) but now in my job i must modify an application , tshi application call servlet from javascript!
that not look good!
Can someone give me an opinion?

Thanks
 
Sheriff
Posts: 17644
300
Mac Android IntelliJ IDE Eclipse IDE Spring Debian Java Ubuntu Linux
  • Likes 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There are many fine applications that use Ajax/Javascript to make calls to a Servlet. What in particular do find unappealing in the way your application is doing it? Can you post an example?
 
jhon masco
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Junilu Lacar wrote:There are many fine applications that use Ajax/Javascript to make calls to a Servlet. What in particular do find unappealing in the way your application is doing it? Can you post an example?



I just was curious. I guess is not good practice for security. Or i am wrong?
Here a line example:

where 'ProgramLauncher4' is a servlet.

Thanks for the reply.
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

jhon masco wrote:I just was curious. I guess is not good practice for security. Or i am wrong?



I don't know. What do you consider insecure about that code?

(There's plenty of places in web applications where you can do insecure things; I'm just asking which of the long list of insecure things applies in this case.)
 
Saloon Keeper
Posts: 27762
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Actually, you cannot call a servlet from another servlet. You can only forward, unless you just break into the servlet's processing methods by main brute force.

You definitely don't "call" a servlet from JavaScript. Since JavaScript runs on the client and the servlet runs on the server, the client can only make an HTTP(S) request that invokes a servlet's processing method.

The biggest security risks in a J2EE application don't come so much from whether requests were made directly from a browser or via AJAX, but from whether or not the webapp was designed secure to begin with. Which is the main reason I make so much noise about not writing your own security system if the J2EE-standard one can be used instead.
 
jhon masco
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks for all the replies.
Then i would conclude that is not bad use javascript or ajax for call servlet (redirect).
Yes Tim, you are right when you say than the most important is the web application design.
Particularly i dont like when i can see the code of any file (.js.jsp.php, etc) from of my web browser.!
That is this case. I can access to the javascript files from the browser. That is a design problem definitively.!

Thanks again.
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

jhon masco wrote:I can access to the javascript files from the browser. That is a design problem definitively.!


Again you are making assertions without any basis whatsoever in fact. Why is this a "design problem"?
 
Ranch Hand
Posts: 77
Eclipse IDE Tomcat Server Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

I would want to know if call servlet from javascript is good practice or no?



Yes it is a good practice because by using javascript you can enrich the user experience... rather than using flash content(which can be annoying at times)...
Moreover you cannot call a servlet without using some kind of inter-laying code, example : javascript or ajax ....
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Shivom Shukla wrote:
Moreover you cannot call a servlet without using some kind of inter-laying code, example : javascript or ajax ....


That is not correct. A servlet can be the target of a form or a link.
 
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Jhon,

I dont know why you are feeling this is not good pratice, but for your information, GMAIL is popular because most of the functionalities are implemented by using AJAX(calling servlet using java script).

Thanks & Regards

Pandian R
 
jhon masco
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry fro delay.
Thanks all for the answers. You win!!!
From now I will try to use other ways(javascript, ajax, etc) to call servlets.

Thank you.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic