W3C home > Mailing lists > Public > www-talk@w3.org > July to August 1995

Re: File upload from a Web browser

From: Jim Graham <flar@bendenweyr.eng.sun.com>
Date: Mon, 17 Jul 1995 22:01:28 -0700
Message-Id: <9507180501.AA12338@bendenweyr.Eng.Sun.COM>
To: FisherM@is3.indy.tce.com, masinter@parc.xerox.com
Cc: www-talk@www10.w3.org

Hi Larry,

> From what *I* understand of Java, it isn't currently possible to
> create a 'file upload' applet.  The 'file upload' proposal asks for a
> platform-specific 'file selection dialog' to take place, and I don't
> see this as a Java primitive, nor how one might build such a thing
> using any of the Java primitives.
> 
> Perhaps there are some Java experts who might clarify this?

There are two problems here.  The first is that support for applets
making use of standard UI widgets is pretty minimal in the existing
Alpha releases of HotJava and they are all not guaranteed to work
when the Beta release is completed (actually, they are very likely
to change drastically as a new UI toolkit is being developed).

The second problem is that HotJava security has a major goal of
preventing data from being stolen from the local system and sent
out over the net.  As a result, the default security modes will
deny any attempt by an applet to load any data from anywhere outside
of a small list of specific directories.  It is possible for a user
to configure his browser to increase the number of directories that
are accessible to applets or to reduce the amount of security checks,
but that is not recommended.

A file upload feature would be a piece of code that the user should
require a fair amount of trust in, and code that is automatically
loaded from over the net, such as the code for applets, should not
generally be given the same permissions as a piece of the core browser
code.

Still, the many interfaces available in the HotJava code base for
providing access to the net would make writing this piece of code
very easy (once the UI toolkit classes settle down).  The problem
would be assuring users that this extension is safe to add directly
to the HotJava installation as a trusted feature.

					...jim
Received on Tuesday, 18 July 1995 01:03:55 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 27 October 2010 18:14:17 GMT