[fyi][icedtea-web] backend and itw-settings for extended applets security
Adam Domurad
adomurad at redhat.com
Thu Feb 21 14:07:38 PST 2013
On 02/20/2013 04:53 PM, Adam Domurad wrote:
> Here are some proposed fixes. Thanks.
>
> - comapre -> compare typo fix
> - Never return from a finally block! (Eclipse underlines the whole
> finally block as a warning.)
> See
> http://weblogs.java.net/blog/staufferjames/archive/2007/06/_dont_return_in.html
> - Added a null check so we don't compare if a null archive list is
> stored.
>
> - Adam
>
>
Ignore that one, this trumps it.
OK. I tried to separate what would be considered changes to Jiri's part
out.
AppletSecuritySettings.java had to be moved out of sun.applet to make it
accessible.
First apply Jiris latest patch, then the rest of them with
integrated-dialogue2.patch last.
Here are the patches. Will make a ChangeLog sometime soon.
All the applet security levels should be working in this patch, as well
it should honour the global applet settings.
Red/green text indicates if you've accepted a patch before.
Further implementation question:
- Currently when many applets share a single classloader on a page and
one is rejected, it'd be nice if the it did not ask for rejection for
all the other applets. It is tricky to get this right. Perhaps rejecting
a certain unique key should be permanent for a session ? There should be
no harm, as you can always restart your browser if you accidentally hit
reject. And indeed there is harm in the other direction, if you reject
an applet but accidentally hit OK for one of the other applet dialogues
that come up.
Let me know of any issues.
Happy hacking,
-Adam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: match-by-strength-and-fix-npe.patch
Type: text/x-patch
Size: 4212 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130221/67a3c6aa/match-by-strength-and-fix-npe.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lockedfile-fixes.patch
Type: text/x-patch
Size: 2017 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130221/67a3c6aa/lockedfile-fixes.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: move-appletstartupsecuritysettings.patch
Type: text/x-patch
Size: 8917 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130221/67a3c6aa/move-appletstartupsecuritysettings.patch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: integrated-dialogue2.patch
Type: text/x-patch
Size: 31762 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20130221/67a3c6aa/integrated-dialogue2.patch
More information about the distro-pkg-dev
mailing list