hi

I found some useful stuff about those protocol-handlers (http, https,
freenet) on the MSDN cds.
I'll try to implement a test dll tomorrow.
btw: the protocol-handler could forward the request to fproxy using sockets
(no java to binary compiler needed)

philipp

----- Original Message -----
From: "Duncan Irvine" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 02, 2001 7:09 PM
Subject: RE: [Freenet-dev] FProxy security detector checked in


> > > > And of course browsers *could* implement this
> > functionality themselves.
> > >
> > > It seems risky to make the assumption that all browser code
> > should be
> > > trusted esp. given that we have no ability to audit the
> > code.  A piece of
> > > firewalling code would seem more appropiate under the circumstances,
> > > unfortunatly it would be highly platform dependant.  I
> > think delegating
> > > the responsibility for this to Fproxy makes the most sense
> > in the long
> > > run.
> >
> > I agree in the short run, but in the long run, I think browsers should
> > evolve to support freenet: the same way they have evolved to support
> > things like HTTP, FTP, proxies, gopher, wais, HTML, etc.
> >
> > In the short term, perhaps a useful tool would be to have a proxy
> > running on localhost that was switchable by the user (think system
> > tray icon for winbloze) into freenet or non-freenet mode.  In freenet
> > mode it blocks all non-freenet protocols, and otherwise it passes
> > through directly to the 'net or the user's normal web proxy.
>
>
> Cunningly enough, I'm doing a little bit of work trying to get an IE
plugin
> for freenet: URLs working.  Windoze uses a thing called URLMON.DLL with
> which all protocols are registered (actually it just scans a given
Registry
> Key).  All of IE's requests go through URLMON and then onto a COM object
in
> a DLL.  Even HTTP, HTTPS, TELNET etc are handled like this.  I'm thinking
> that I can probably make IE pop up a little security warning box when the
> user moves to and from Freenet links (such as you get when you move from
> HTTP to HTTPS and back).  Although I've no idea if this will work, as M$'s
> docs are typically vague.  The old 'You know all of this already, so we
> won't bother explaining it to you anywhere' routine.  But I believe that I
> can tell IE that Freenet is a given domain, and has different security
needs
> to the rest of the 'net - just don't quote me.  The trouble with the proxy
> idea is that you could get around it by embedding a RealAudio reference
for
> example - RA uses its own Protocol Handler just like I'm doing for
freenet,
> and you can only give it a proxy from within RA.  Certainly it could be
> useful in the short term but it really is a nasty solution.  Of course,
I'm
> sure that M$ will come out with a new version of Winsock that monitors for
> Freenet-like traffic, and report it to the NSA for your protection. :)
>
>
> On a related note: I don't suppose anyone has any experience of making
DLLs
> out of Java?  I use VisualCafe here at work and it has the option of
making
> a native DLL (or indeed executable) out of your Java code, and was
thinking
> that I could cobble together a client DLL that I could link my VC++ code
to.
> This would have the major advantage that you'd effectively have a nice,
> up-to-date, native Freenet Client Library for Windoze programmers to use.
> Only trouble is I've not really used it much, and was hoping I could get
> some advice - I'm pretty sure that once the DLL is made, I'll be able to
> hook it into MSVC but I have my doubts - the VIsualCafe docs aren't
exactly
> extensive either.  It's very much a suck-it-and-see affair.  Anyway, I'm
> going to give it a go - Cafe comes with a whole host of DLLs which
replicate
> the J2SE environment, so I reckon it shouldn't take too much effort to get
> it going - just a matter of deciding which bits to use.  Sorry, I'm
rambling
> again...
>
> Dunc.
>
>
>
>
>
****************************************************************************
> This message contains information which may be privileged
> and confidential and subject to legal privilege. If you are not
> the intended recipient, you may not peruse, use, disseminate,
> distribute or copy this message. If you have received this
> message in error, please notify the sender immediately by
> e-mail, facsimile, or telephone and return or destroy the
> original message. Sopheon and its officers are not responsible
> for any statements or material in this e-mail and in any attachment
> to it which might give rise to any criminal or civil claim.
>
****************************************************************************
>
> _______________________________________________
> Freenet-dev mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/mailman/listinfo/freenet-dev
>
>



_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev

Reply via email to