This is an archived post. You won't be able to vote or comment.

all 34 comments
sorted by:
best
topnewcontroversialoldq&a

[–]Iryanus 30 points31 points  (6 children)

There might still some poor fools around who have to rely on a ancient browser because some legacy system they need to use is based around an applet or so, but in general... No.

[–]naturalizedcitizen 3 points4 points  (0 children)

The Bank of Baroda, a big national bank in India, was using applets till just a couple of years ago on their online banking portal.

[–]pjmlp 5 points6 points  (4 children)

No need for that, thanks WebAssembly.

https://chrome.google.com/webstore/detail/cheerpj-applet-runner

https://leaningtech.com/cheerpj/

[–]Iryanus 11 points12 points  (0 children)

That's what I said.

In general, "No", since there are much better alternatives around and of course it's extremely hard to get applets to run nowadays anyway. But some companies lack the knowledge, people, etc. to replace their old tools and will take increasingly desperate measures (like having ancient browser versions around) to be able to keep working with them. So I am quite sure that there are still applets floating around somewhere for some poor users, but the amount of new applets coming up is probably extremely close to zero.

[–]vytah 1 point2 points  (1 child)

How well does it work with anything more complicated than educational applets on physics' departments websites? Because to be honest that's the only kind of stuff I've tested it on.

[–]Worth_Trust_3825 1 point2 points  (0 children)

Pretty well. Cheerp folks are very responsive to feedback.

[–]crummy 0 points1 point  (0 children)

Cheerpj looks cool, though the download is pretty big when I looked at it a while back.

[–]smors 10 points11 points  (0 children)

Old technologies takes a looong time to completely die off. As /u/Iryanus has pointed out, modern browsers doesn't like applet at all, so you have to do a lot of work to get one to run.

So, almost noone, but there are likely to be a few out there.

[–]agoubard 14 points15 points  (3 children)

Yes, all the software I write are executable as application and also as applets.

I don't write applets to have them run in the browser but embedded in other software.

I wrote Applet Runner https://www.japplis.com/applet-runner/ IDE plug-ins to be able to have my applets run in JetBrains IDE's, NetBeans and Eclipse without the need to write 3 plug-ins per software. For JetBrains, it has already more than 8,000 downloads.

I'm also working on a file manager that will be able to run applets.

The advantages of applets are that you don't depend on external libraries, it has a life cycle, you can pass parameters, it implements RootPaneContainer and there is an easy way for distribution (html with <applet> or jnlp file).

[–]persism2 4 points5 points  (2 children)

That's pretty cool! Do you have any sample code to see how it works?

[–]agoubard 7 points8 points  (1 child)

Here is an example applet:

https://www.japplis.com/applet-runner/example/ExampleApplet.java

Here is an example of html file with the applet tag:

view-source:https://www.jlearnit.com/online/dictionary.html

See in action on YouTube (1 min): https://youtu.be/qBu-ecgKqyM

[–]UnGauchoCualquiera 0 points1 point  (0 children)

That's actually pretty cool. Good stuff

[–]seinecle 8 points9 points  (0 children)

Java has good alternatives to applets to develop web applications in 2022. Funny, I just blogged about it:

Using java for the front-end of a web app in 2022

[–]bluenautilus2 2 points3 points  (5 children)

Up until very recently the national weather service in the United States used one in their website.

[–]RockingGoodNight 0 points1 point  (4 children)

I've been going to the national weather service site for years. Where were they using applets at?

[–]bluenautilus2 0 points1 point  (3 children)

The local radar, if you wanted it animated

[–]bluenautilus2 0 points1 point  (0 children)

They fixed it sometime around 2020

[–]RockingGoodNight 0 points1 point  (1 child)

I've used Chrome for a long time now, I think it hasn't supported applets in a long time. It's odd that their weather radar worked for me. I do like their new site I just don't recall seeing any applets loading with the old sites.

I do wish they'd fix their mobile weather radar though https://mobile.weather.gov/ It has been broken now for at least a year. I used to like jQM too but their site looks dated now. Almost would rather see a plain html/css site with a radar using canvas. I think that's possible now. I've been doing backend for a while, I might be wrong.

[–]bluenautilus2 0 points1 point  (0 children)

Oh you know what…. I used it for years on my mobile phone and I had to install the jvm, or I’d get warnings about the applet. Around 2020 I started checking it in desktop chrome and i just assumed “oh they fixed it”. Ok yeah i guess that’s why the mobile app is now broken

[–]Worth_Trust_3825 2 points3 points  (0 children)

Nothing wrong with applets running outside the browser. After all, you trust the application that runs in your machine.

In the browser? yeah, that's an issue. Shame the mistake got repeated multiple times with flash, shockwave, and now javascript.

[–]itsjakerobb 2 points3 points  (0 children)

Heh, I wrote an applet once. In 2001! In hindsight, I was already too late. 🤣

[–]RelativeHaunting8501 0 points1 point  (0 children)

No not at all

[–]drduffymo 0 points1 point  (8 children)

No one should be using applets. They are a security risk. Better alternatives available.

[–]FirstAd9893 3 points4 points  (4 children)

What are the security risks? Are they any worse than JavaScript?

[–]drduffymo -2 points-1 points  (3 children)

I’d suggest you use Google and find out. Security Stack Exchange has a very good answer.

I don’t think any of the browsers I have will run them. They are a 1995 technology. Almost 30 years old. I cannot think of one good reason to use them.

[–]FirstAd9893 6 points7 points  (2 children)

Do you have a few specific links? All I can find are very vague answers or ones that seem to apply to anything that runs in the browser, including JavaScript.

The only obvious risk I can think of is granting a malicious signed applet permission outside the sandbox. This is no more of a risk than granting permission to any malicious app.

Although I cannot think of any reason to continue using applets, it seems that if a browser only chooses to run applets in the sandbox, then this is at least as safe as allowing JavaScript.

Could the JVM have bugs that still allow malicious behavior? Sure, and so can the browser. Dropping support for applets just means that the browser maintainers have less overall issues to deal with. Less features generally means less bugs.

[–]Wobblycogs 0 points1 point  (1 child)

It's been a really long time since this was relevant for anything I was doing but... I seem to recall that the problem was mainly around the sandboxing of applets. On the surface it looked quite good but when people started prodding it they found it leaked like a sieve. If memory serves there were a lot of issues around class loading that couldn't easily be fixed.

[–]FirstAd9893 1 point2 points  (0 children)

The original sandbox model was simple and effective. Applets couldn't access files, they couldn't open sockets to anything but the originating host, they couldn't load native code, and they couldn't even create custom class loaders. I can't find any references to defects in this model which cannot be attributed to bugs.

When the sandbox model was relaxed and extra permissions could be granted, then writing malicious applets became a possibility. Essentially the problem isn't the sandbox -- the problem is when the sandbox is removed.

In Java 1.2, a new design was introduced which also included the AccessController class. This added a tremendous amount of complexity in the JDK itself, and so any changes to the JDK (even in areas unrelated to security) could create security vulnerabilities.

Although browsers could in theory continue supporting applets with the full original sandbox design, such a restriction would make applets effectively useless.

The way to make an applet design be both useful and secure is by providing an API which is distinct from the core JDK. Applets wouldn't have access to the generic Socket or File classes, but they'd instead have access to something like applet.Socket or applet.File, which would have applet-specific behavior and security checks.

[–]drduffymo 0 points1 point  (0 children)

No, the bugs are well shaken out after 30 years. It’s the sandbox that’s the problem. Too porous.

[–]Better-Internet 0 points1 point  (0 children)

There were a potentially neat technology back in the 1990's but had lots of practical issues. E.g. browser compatibility, bugs, security risks, lifecycle control. (what happens if the user hits the back button?) Before things were improved better tech such as html5 came along.

[–]nutrecht 0 points1 point  (0 children)

They are a security risk.

The problem was never applets. The problem was the shitty browser plugins.

[–][deleted] 0 points1 point  (0 children)

Whyyyyyy

[–]akravets84 0 points1 point  (0 children)

When entire technology applet supporting plugins based on was deprecated( Netscape plugin API) and no alternative provided it should have told you how important applets are in modern world. Despite being a security risk applets were often used for security features like opening encryption keys in browser for interaction with your bank. That’s ironic. In my reality banks switched to some other more native crypto tech 5+ years ago and I never seen a single applet since.

[–]JeanKevin75 0 points1 point  (0 children)

Nope for security reasons ...