Skip to main content

Hiding destination URL in httpconnection request

7 replies [Last post]
ckurtm
Offline
Joined: 2008-03-12
Points: 0

Fairly new to j2me , can someone tell me how i can make my application not to show the url for httpconnection when it prompts the user for a connection on mobile phone?

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
ckurtm
Offline
Joined: 2008-03-12
Points: 0

how do you set correct permissions?, i'm hoping his does not depend on the user setting up the application network permissions on the phone, if this can be done from within code, it would be fabulous, but something tells me you mean, user setting the network permissions and all.

sfitzjava
Offline
Joined: 2003-06-15
Points: 0

In your jad file you need to have a property "MIDlet-Permissions:" and it needs a value of "javax.microedition.io.Connector.http"

This can be done in the WTK as well by going to settings and selecting the Permissions item on the Left, then in the MIDlet-Permissions area click the "Add" button. A tree selection dialog will pop up with various options. Just navigate to the javax->microedition->io->Connector section and select http. Then "ok" at the bottom of the project settings dialog.

-Shawn

sfitzjava
Offline
Joined: 2003-06-15
Points: 0

Beat me to the answer Terrence. :)

However as a side note, if you are using an URL of http://www.domain.com/myapp?parm=x&parm2=y
and what you want is to not show the parms then you can POST these values instead of passing them in on the initial request URL.

As Terrence pointed out it's a security thing where the user needs to know the domain they are being asked to approve. Now if you have control over the server, and just really truly must hide as much of it as possible, then you can setup a socket connection and write your own HTTP protocol library. (honestly if you know the basics of it, it really isn't that tough, at least 1.0, IMHO) Then open the socket to the server and the alert will only show the domain. In the socket request following the HTTP protocol you will write a line like:
GET /index.html HTTP/1.1
Then there are a bunch other headers you have to set, plus your parms, and then all the user will see is the domain in the connection request. Issues with this are that you can't use the normal http sockets unless you have a signed MIDlet such as 80,8080, 8443, 443, etc..

Regards,
-Shawn

ckurtm
Offline
Joined: 2008-03-12
Points: 0

I can write custom sockets, but i'm aiming for max portability, so thought i'd stick with the http. Thanks though, it does make sense though that u get to know where your connecting too.

terrencebarr
Offline
Joined: 2004-03-04
Points: 0

Actually, let me add something: If you application has the correct permissions for httpconnection then the user will never be prompted. So that is probably the way you want to go.

--- Terrence

sfitzjava
Offline
Joined: 2003-06-15
Points: 0

Mostly true, caveats being that this is a MIDP2 MIDlet, and that the operator hasn't removed the ability to set permissions to "never ask" for their network.

-Shawn

terrencebarr
Offline
Joined: 2004-03-04
Points: 0

I don't think you can. It is considered security-related information ... there is no point in asking the user the permission to connect somewhere without saying what that destination is.

-- Terrence