URL Read Feature Request

Arthur D. Edelstein (edelstei@uiuc.edu)
Tue, 28 Jul 1998 23:14:21 -0500 (CDT)

Date: Tue, 28 Jul 1998 23:14:21 -0500 (CDT)
From: "Arthur D. Edelstein" <edelstei@uiuc.edu>
To: java-security@java.sun.com
Subject: URL Read Feature Request

Dear Sir or Madam:

Currently browser applets cannot read nonlocal URLs because of
security concerns.

It would be useful if applets could call a function that reads URL
Streams from any URL which is open to the general public internet, not
just from URLs that are on the originating server.

I suggest that Sun could run an authorization server to which java
applets could connect. Before an applet could read from a given URL,
it would have to request permission from this authorization server.
The server would give permission to read from the URL if the URL were
located on any publicly-readable web server. This would still prevent
applets from reading nonpublic information on the client's network,
but would not require any certificates or other security decisions by
the client, nor would it require a server-side application on the
host, which is not possible for many developers.

Sincerely,
Arthur D. Edelstein