Don’t use window.sun or function sun() in Firefox – lest you want to start Java!

I just came across a mind-boggling “ghost in the machine” style problem in Firefox: if you use window.sun or function sun() in JavaScript you effectively start the Java VM. As explained in this article on doctype

There are a few “magic” properties on Mozilla’s DOMWindow interface for supporting LiveConnect that will initialize the Java plugin and all the baggage that comes with it (which, with modern Java plugins, means launching java.exe as a subprocess). Looking up these properties on the window object is all it takes.

Other properties to avoid are:

• java
• Packages
• netscape
• sun
• JavaClass
• JavaArray
• JavaMember

So if you want to make sure that the performance of your webapp doesn’t go down the tubes makes sure you avoid any of these.

Tags: java, javascript, liveconnect, sun, wtf