Re: [JAVA2D] Question about fullscreen exclusive mode in applet in browser.
All valid arguments. And I'm sure I don't know any of the grizzly stories about how Java is/was being used for fraud. It's a hoist petard situation -- damned if you do -- damned if you don't. Having Java become suspect as an easy tool for fraud certainly won't do us developers any good. Yet people object to having their precious fullscreen so rudely violated. I'll meander over to the security and awt talklists and see what I can see. If you sign your applet - as far as I know - the banner should not be there. I think the banner should stay like it is - I know the discussion on javalobby a year ago where people blamed java for allowing fullscreen-mode for applets. A programmer could easily re-program the desktop and the user would enter passwords for example. If you sign your applet the user can say java he trusts you if he really trusts you - if not he sees the banner. Whats the problem? lg Clemens [Message sent by forum member 'linuxhippy' (linuxhippy)] http://forums.java.net/jive/thread.jspa?messageID=248436 === To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message signoff JAVA2D-INTEREST. For general help, send email to [EMAIL PROTECTED] and include in the body of the message help.
Re: [JAVA2D] Question about fullscreen exclusive mode in applet in browser...
HOW DID THEY DO THAT??? Is this another secret environment variable?
I would like to know how to go into fullscreen mode without the status
bar showing.
I think they may be exploiting a bug fixed in the latest
versions.
On my jre (6uN) the window does show the warning.
Thanks,
Dmitri
Ken Warner wrote:
Hi,
My applet at
http://pancyl.com
can go into fullscreen exclusive mode. F1 enters -- ESC exits.
When it goes into fullscreen exclusive mode using the 1.6 plugin,
there is a gray status bar at the bottom of the screen that says,
Java Applet Window
A lot of people find this annoying. Fullscreen exclusive should mean
FULLSCREEN!
I've looked at java.awt.GraphicsDevice and this is the method that
set's the bounds of the window.
public void setFullScreenWindow(Window w) {
// Get display mode before changing the full screen window
DisplayMode dm;
if (w == null) {
dm = null;
} else {
dm = getDisplayMode();
}
if (fullScreenWindow != null windowedModeBounds != null) {
fullScreenWindow.setBounds(windowedModeBounds);
}
// Set the full screen window
fullScreenWindow = w;
if (fullScreenWindow != null) {
windowedModeBounds = fullScreenWindow.getBounds();
fullScreenWindow.setBounds(0, 0, dm.getWidth(), dm.getHeight());
fullScreenWindow.setVisible(true);
fullScreenWindow.toFront();
}
}
I tried to write my own class to extend GraphicsDevice so I can override
setFullScreenWindow()
but I can't put it into the java.awt package. I get a security warning
at runtime.
I'm not smart enough or good enough to figure out a way to set the
bounds of the fullscreen window so that the status bar won't show.
However, someone has. Goto the URL below. You will see a gallery
of available panoramic images. They can be shown in Flash, Java or
Quicktime. Select one to show in Java. When you see that it's finished
loading, click the right button and enter fullscreen mode. You will see
that there is no status bar.
HOW DID THEY DO THAT??? Is this another secret environment variable?
I would like to know how to go into fullscreen mode without the status
bar showing.
http://easypano.com/panorama-gallery.html
Ken
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message signoff JAVA2D-INTEREST. For general help, send email to
[EMAIL PROTECTED] and include in the body of the message help.
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message signoff JAVA2D-INTEREST. For general help, send email to
[EMAIL PROTECTED] and include in the body of the message help.
Re: [JAVA2D] Question about fullscreen exclusive mode in applet in browser...
Can I exploit that bug too? :-)
But seriously, all the users I have contact with find
that status bar real annoying. Annoying to the point that
they are willing to look to Flash or other means to display
their panoramas. They are a fussy group and I struggle to
maintain Java's relevance to that group.
So does the Java2D group have any say about the status
bar or should I talk to another development group.
No need to grind on you if it's not in your purview...
Dmitri Trembovetski wrote:
HOW DID THEY DO THAT??? Is this another secret environment variable?
I would like to know how to go into fullscreen mode without the status
bar showing.
I think they may be exploiting a bug fixed in the latest
versions.
On my jre (6uN) the window does show the warning.
Thanks,
Dmitri
Ken Warner wrote:
Hi,
My applet at
http://pancyl.com
can go into fullscreen exclusive mode. F1 enters -- ESC exits.
When it goes into fullscreen exclusive mode using the 1.6 plugin,
there is a gray status bar at the bottom of the screen that says,
Java Applet Window A lot of people find this annoying. Fullscreen
exclusive should mean
FULLSCREEN! I've looked at java.awt.GraphicsDevice and this is the
method that
set's the bounds of the window.
public void setFullScreenWindow(Window w) {
// Get display mode before changing the full screen window
DisplayMode dm;
if (w == null) {
dm = null;
} else {
dm = getDisplayMode();
}
if (fullScreenWindow != null windowedModeBounds != null) {
fullScreenWindow.setBounds(windowedModeBounds);
}
// Set the full screen window
fullScreenWindow = w;
if (fullScreenWindow != null) {
windowedModeBounds = fullScreenWindow.getBounds();
fullScreenWindow.setBounds(0, 0, dm.getWidth(),
dm.getHeight());
fullScreenWindow.setVisible(true);
fullScreenWindow.toFront();
}
}
I tried to write my own class to extend GraphicsDevice so I can
override setFullScreenWindow()
but I can't put it into the java.awt package. I get a security
warning at runtime.
I'm not smart enough or good enough to figure out a way to set the
bounds of the fullscreen window so that the status bar won't show.
However, someone has. Goto the URL below. You will see a gallery
of available panoramic images. They can be shown in Flash, Java or
Quicktime. Select one to show in Java. When you see that it's finished
loading, click the right button and enter fullscreen mode. You will see
that there is no status bar.
HOW DID THEY DO THAT??? Is this another secret environment variable?
I would like to know how to go into fullscreen mode without the status
bar showing.
http://easypano.com/panorama-gallery.html
Ken
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the
body
of the message signoff JAVA2D-INTEREST. For general help, send
email to
[EMAIL PROTECTED] and include in the body of the message help.
===
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message signoff JAVA2D-INTEREST. For general help, send email to
[EMAIL PROTECTED] and include in the body of the message help.
Re: [JAVA2D] Question about fullscreen exclusive mode in applet in browser.
Hi Ken, The problem is you have to think of all of this from a different perspective. Don't think I'm a nice responsible developer who wants to make a pretty app... Think I'm an identity stealer and I want to fool the user into giving me their credit cards and other personal information. A disclaimer for the following text. We aren't security experts here on the Java2D forum. We just like to draw pretty pictures. I'll give some clarifications below to make sure you've considered the possibilities that I'm aware of that led to the creation of the applet banner, but I don't want to launch into a debate here in this forum on the issues. Probably the best place to discuss issues related to Java security and windows would be either the AWT or the security areas. Java2D isn't involved at all in putting the warning up (we probably don't even render it as it is likely a native component). What I would suggest is putting a small 16x16 Java icon in the upper left corner of the full screen window. That's he conventional place for identification via icons. And erhaps clicking on the icon could escape fullscreen exclusive mode. Consider how this looks to a user on an identity stealing page. Oh, how nice that these nice folks at PayPalSecurity.NG implemented their Identity Verification page in Java. Someone should talk to them about their grammar, though - it's atrocious. There needs to be a clear message that tells uninformed users not to provide any identity information, not just this is Java since few people outside of our developer communities really understands what Java can do for fraud perpetrators. The idea of a status bar is not evil. But it should be under the control of the programmer. The visibility, color, message should be under the control of the applet. I'm sure the folks at SeeNigeria.net would love to control how that status bar looks. Perhaps a nice black text on black background color scheme would be prettier - tone on tone is such a big fashion statement these days. ;-) The status bar could be enabled for other purposes like a menu bar or tool bar. Then there would be some useful purpose to it that would override the annoyance factor. In some sense, the annoyance factor is its main advantage when it comes to security. Also, there should be a choice of top or bottom or invisible. If invisible, then show the icon in the upper left corner. Again, if we don't do this banner, then we need something that is an obstacle to identity theft. We aren't the experts on these issues here in the Java2D forum - you should probably raise the discussion as to what the security banner does and what better or alternate solutions could provide the same benefits on either the Security or AWT forums... ...jim [Message sent by forum member 'flar' (flar)] http://forums.java.net/jive/thread.jspa?messageID=248338 === To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message signoff JAVA2D-INTEREST. For general help, send email to [EMAIL PROTECTED] and include in the body of the message help.
Re: [JAVA2D] Question about fullscreen exclusive mode in applet in browser.
All valid arguments. And I'm sure I don't know any of the grizzly stories about how Java is/was being used for fraud. It's a hoist petard situation -- damned if you do -- damned if you don't. Having Java become suspect as an easy tool for fraud certainly won't do us developers any good. Yet people object to having their precious fullscreen so rudely violated. I'll meander over to the security and awt talklists and see what I can see. And it's a banner not a status bar... [EMAIL PROTECTED] wrote: Hi Ken, The problem is you have to think of all of this from a different perspective. Don't think I'm a nice responsible developer who wants to make a pretty app... Think I'm an identity stealer and I want to fool the user into giving me their credit cards and other personal information. A disclaimer for the following text. We aren't security experts here on the Java2D forum. We just like to draw pretty pictures. I'll give some clarifications below to make sure you've considered the possibilities that I'm aware of that led to the creation of the applet banner, but I don't want to launch into a debate here in this forum on the issues. Probably the best place to discuss issues related to Java security and windows would be either the AWT or the security areas. Java2D isn't involved at all in putting the warning up (we probably don't even render it as it is likely a native component). What I would suggest is putting a small 16x16 Java icon in the upper left corner of the full screen window. That's he conventional place for identification via icons. And erhaps clicking on the icon could escape fullscreen exclusive mode. Consider how this looks to a user on an identity stealing page. Oh, how nice that these nice folks at PayPalSecurity.NG implemented their Identity Verification page in Java. Someone should talk to them about their grammar, though - it's atrocious. There needs to be a clear message that tells uninformed users not to provide any identity information, not just this is Java since few people outside of our developer communities really understands what Java can do for fraud perpetrators. The idea of a status bar is not evil. But it should be under the control of the programmer. The visibility, color, message should be under the control of the applet. I'm sure the folks at SeeNigeria.net would love to control how that status bar looks. Perhaps a nice black text on black background color scheme would be prettier - tone on tone is such a big fashion statement these days. ;-) The status bar could be enabled for other purposes like a menu bar or tool bar. Then there would be some useful purpose to it that would override the annoyance factor. In some sense, the annoyance factor is its main advantage when it comes to security. Also, there should be a choice of top or bottom or invisible. If invisible, then show the icon in the upper left corner. Again, if we don't do this banner, then we need something that is an obstacle to identity theft. We aren't the experts on these issues here in the Java2D forum - you should probably raise the discussion as to what the security banner does and what better or alternate solutions could provide the same benefits on either the Security or AWT forums... ...jim [Message sent by forum member 'flar' (flar)] http://forums.java.net/jive/thread.jspa?messageID=248338 === To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message signoff JAVA2D-INTEREST. For general help, send email to [EMAIL PROTECTED] and include in the body of the message help. === To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message signoff JAVA2D-INTEREST. For general help, send email to [EMAIL PROTECTED] and include in the body of the message help.
