Network Access - Motorola MOTORAZR maxx V6 Developer's Manual

Java ME Developer Guide
Chapter 22 - Network APIs
22.11 Security for Push Registry
Push Registry is protected by the security framework. The MIDlet registered for the
push should have the necessary permissions. Details on permissions are outlined in
the Security chapter.

22.12 Network Access

Untrusted applications will use the normal HttpConnection and HttpsConnection APIs
to access web and secure web services. There are no restrictions on web server port
numbers through these interfaces. The implementations augment the protocol so
that web servers can identify untrusted applications. The following will be imple-
mented:
The implementation of HttpConnection and HttpsConnection will include
a separate User-Agent header with the Product-Token
"UNTRUSTED/1.0".User-Agent headers supplied by the application will
not be deleted.
The implementation of SocketConnection using TCP sockets will throw
java.lang.SecurityException when an untrusted MIDlet suite attempts to
connect on ports 80 and 8080 (http) and 443 (https).
The implementation of SecureConnection using TCP sockets will throw
java.lang.SecurityException when an untrusted MIDlet suites attempts
to connect on port 443 (https).
The implementation of the method DatagramConnection.send will throw
java.lang.SecurityException when an untrusted MIDlet suite attempts to
send datagrams to any of the ports 9200-9203 (WAP Gateway).
The above requirements should be applied regardless of the API used to
access the network. For example, the
javax.microedition.io.Connector.open and
javax.microedition.media.Manager.createPlayer methods should throw
java.lang.SecurityException if access is attempted to these port
numbers through a means other than the normal HttpConnection and
HttpsConnection APIs.
DRAFT - Subject to Change
[168/201]