>just wondering if it's possible for someone using a normal pc-based web
>browser to access a site with an i-appli link and somehow download the
>i-appli's jar file (by re-enterring the .jar file's url), retrieve the .jar
>from the browser's cache directory, open the jar, reverse engineer
>the .class files to expose the source code?
yep, this is totally possible as with any other java code.
>just wondering what security measures there are, besides doing an initial
>USER_AGENT check and denying access to all non-i-appli clients? is the
>latter sufficient?
User_agent check along with many other checks is not sufficient, since it
could be very easily faked by a perl script or a java robot!
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
[ Did you check the archives? http://www.appelsiini.net/keitai-l/ ]
Received on Sun Mar 18 03:35:34 2001