The following JAR file manifest attributes are available to help ensure the security of your applet or Java Web Start application:
- The Permissions attribute is used to ensure that the application requests only the level of permissions that is specified in the applet tag or JNLP file used to invoke the application. Use this attribute to help prevent someone from re-deploying an application that is signed with your certificate and running it at a different privilege level.
This attribute is required in the main JAR file when the Security Level slider in the Java Control panel is set to Very High or High. See Permissions Attribute in the Java RIA Development and Deployment Guide for more information. - The Codebase attribute is used to ensure that the code base of the JAR file is restricted to specific domains. Use this attribute to prevent someone from re-deploying your application on another website for malicious purposes. See Codebase Attribute in the Java RIA Development and Deployment Guide for more information.
- The Application-Name attribute is used to provide the title that is shown in the security prompts for signed applications. See Application-Name Attribute in the Java RIA Development and Deployment Guide for more information.
- The Application-Library-Allowable-Codebase attribute is used to identify the locations where your application is expected to be found. Use this attribute to reduce the number of locations shown in the security prompt when the JAR file is in a different location than the JNLP file or the HTML page. See Application-Library-Allowable-Codebase Attribute in the Java RIA Development and Deployment Guide for more information.
- The Caller-Allowable-Codebase attribute is used to identify the domains from which JavaScript code can make calls to your application. Use this attribute to prevent unknown JavaScript code from accessing your application. See Caller-Allowable-Codebase Attribute in the Java RIA Development and Deployment Guide for more information.
- The Trusted-Only attribute is used to prevent untrusted components from being loaded. See Trusted-Only Attribute in the Java RIA Development and Deployment Guide for more information.
- The Trusted-Library attribute is used to allow calls between privileged Java code and sandbox Java code without prompting the user for permission. See Trusted-Library Attribute in the Java RIA Development and Deployment Guide for more information.
