RFC: Proxy support for IcedTea Java Plugin
Andrew John Hughes
gnu_andrew at member.fsf.org
Fri Mar 13 16:07:14 PDT 2009
2009/3/13 Deepak Bhole <dbhole at redhat.com>:
> Hi,
>
> Attached patch adds proxy support to the IcedTea plugin.
>
> With this patch, the plugin can now read proxy settings from the browser
> and use those to connect to the remote server for fetching jars,
> applet communication (SOCKS proxy), etc. The patch also adds support
> for proxy (and web) servers that require http authentication by
> displaying a credential input dialog to the user.
>
Haven't tested this so these comments are just from reading the code.
Someone else should (maybe the user who reported this issue?), and I
hope you have! Generally looks ok. Main issue I can see is that the
password is being output several times to the console. This should be
removed.
Few other minor issues:
* Use a StringBuilder rather than a StringBuffer to construct the
String in CustomAuthenticator. StringBuffer has unnecessary
synchronisation.
* A few lines are a bit too long and should have line breaks to make
the code easier to read.
> Initially I also started adding support for fetching cached authentication
> information from mozilla directly, but then I decided to disable it as
> it felt like a security risk to pass usernames/passwords over a FIFO
> pipe. If the communication system is changed in the future, that code
> can be enabled again. It is about 80% done.
>
Can you remove this dead code from the patch and keep it to one-side
separately? It's a bad idea to have dead code hanging around, and
worse when it's potentially open for exploit like this.
> In addition, there are a few minor fixes here and there -- see ChangeLog
> diff for more details.
>
Please do these in a separate patch. It's easier to track down bugs
later if each changeset only makes one change. They are trivial
enough to just go straight in.
As Andrew already mentioned, you don't include the ChangeLog in the
patch itself but rather in the email, as it generally won't apply
locally for other users.
> Please let me know if you find any problems.
>
> Thanks!
> Deepak
>
Thanks,
--
Andrew :-)
Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)
Support Free Java!
Contribute to GNU Classpath and the OpenJDK
http://www.gnu.org/software/classpath
http://openjdk.java.net
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint: F8EF F1EA 401E 2E60 15FA 7927 142C 2591 94EF D9D8
More information about the distro-pkg-dev
mailing list