Exploiting the OnError() Method

Using Signed Scripts

All inline scripts, event handler scripts, or JavaScript files that are signed require a SCRIPT tag's ARCHIVE attribute whose value is the name of the JAR file that contains the digitally signed scripts.

For example, to sign an inline script, you would use the following syntax:

 <script archive="MySignedArchive.jar" > <!--   ... // --> </script> 

To import functionality from a JavaScript file that is signed, you would use the following syntax:

 <script archive="MySignedArchive.jar" src="/books/1/161/1/html/2/MyScriptFile.js"> </script> 

Event handlers do not need to directly specify an archive attribute, but they should always follow a script tag that does. For example:

 <script archive="MySignedArchive.jar" > <!-    ... // --> </script> <form onSubmit="JavaScript: formSubmit();" >   ... </form> 

Unless you are using more than one archive file, you need only specify the attribute value in the first script tag. For example:

 <script archive="MySignedArchive.jar" >  <!--   document.write( "This is a signed script." );  // --> </script> <script >  <!--   document.write( "This is also a signed script." );  // --> </script> 

Every signed inline and event handler script requires an ID attribute. The ID is a unique string that identifies the script to its signature in the JAR file. Each ID is unique to each JAR file—no two script tags can use the same JAR file and have the same ID. On the other hand, two script tags using different JAR files can have the same ID.

Using Expanded Privileges

Within a signed script are many very powerful features, or "privileges," that you can use to perform many operations in areas you normally would not have access to. First, though, you must ask for these privileges. Requesting an expanded privilege requires one line per privilege.

Here is an example that requests a privilege called UniversalSendMail:

 netscape.security.PrivilegeManager.enablePrivilege("UniversalSendMail") 

This line of code allows the author of the script to send e-mail on the visitor's behalf.

There are several privileges that you can request from the browser. Table 12.1 lists and describes some of these privileges.

This is only a partial list of the privileges or targets that you can request. For a complete list, see http://developer.netscape.com/docs/manuals/signedobj/targets/index.html.

JavaScript Features Requiring Privileges

There are many features of the JavaScript language that may not be used unless they are part of a signed script. Table 12.2 lists the features that signed scripts give you and what privilege you need to request in order to use them.

Many functions of the window object, such as writing files to the hard drive, require

UniversalBrowserWrite.

Summary

Like any software technology, JavaScript has the occasional problem. Sometimes a problem manifests itself as a security hole and must be fixed. It is your responsibility to keep up-to-date on the possible security issues your Web pages might have. In order to minimize the abuse of JavaScript security holes, all dangerous operations, such as reading and writing to the hard drive, have been removed. Sometimes it is necessary to use some of the features that have been removed from the language. In order to use these features, Netscape Navigator allows a programmer to sign scripts. A signed script requests extra rights from the visitor in order to do its task.