RFR: 8348986: Improve coverage of enhanced exception messages
Michael McMahon
michaelm at openjdk.org
Thu Mar 6 10:28:20 UTC 2025
Hi,
Enhanced exception messages are designed to hide sensitive information such as hostnames, IP
addresses from exception message strings, unless the enhanced mode for the specific category
has been explicitly enabled. Enhanced exceptions were first introduced in 8204233 in JDK 11 and
updated in 8207846.
This PR aims to increase the coverage of enhanced exception messages in the networking code.
A limited number of exceptions are already hidden (restricted) by default. The new categories and
exceptions in this PR will be restricted on an opt-in basis, ie. the default mode will be enhanced
(while preserving the existing behavior).
The mechanism is controlled by the security/system property "jdk.includeInExceptions" which takes as value
a comma separated list of category names, which identify groups of exceptions where the exception
message may be enhanced. Any category not listed is "restricted" which means that potentially
sensitive information (such as hostnames, IP addresses, user identities) are excluded from the message text.
The changes to the java.security conf file describe the exact changes in terms of the categories now
supported and any changes in behavior.
Thanks,
Michael
-------------
Commit messages:
- remove file added by mistake
- whitespace
- moved test
- Merge branch 'master' into 8348986-exceptions
- update
- update
- Merge branch 'master' into 8348986-exceptions
- update
- Merge branch 'master' into 8348986-exceptions
- Merge branch 'master' into 8348986-exceptions
- ... and 3 more: https://git.openjdk.org/jdk/compare/b1a21b56...c4419860
Changes: https://git.openjdk.org/jdk/pull/23929/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23929&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8348986
Stats: 1002 lines in 42 files changed: 762 ins; 104 del; 136 mod
Patch: https://git.openjdk.org/jdk/pull/23929.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/23929/head:pull/23929
PR: https://git.openjdk.org/jdk/pull/23929
More information about the core-libs-dev
mailing list