[rfc][icedtea-web] Backport unsigned applet confirmation to icedtea-web 1.2

[Jiri Vanek]

On 02/26/2013 10:59 PM, Adam Domurad wrote:
> NB: This is a work in progress, posting for early feedback.
>
> So a back-port was requested for 1.2 for systems that still use it. I tried to use as much
> already-reviewed material as possible while retaining simplicity.
>
> The whitelist attempts to be forwards compatible with the patch aimed at HEAD, but generally it does
> plain string matching without regex.
>
> The icedtea-web settings panel simply has a box that changes the security level, and a button to
> clear the current whitelist.
>
> I *think* everything is working, but I was in a rush posting this, so let me know. There are a few
> println statements left in, but again, rush.
>
> This is of course meant to be applied to the 1.2 release branch.
>
> Cheers,
> -Adam

Hi!

I like this backport. Looks like it is working....
I like that you have  addapted  as much code as possible, and you are keeping forward compatibility.
=> Maybe it is also worthy to backport  UnsignedAppletActionEntry.java , which is handling the 
loading of lines.
Also I like the url normlaization stuff.

mayor nit:
The checkbox is not working. Decision is always saved.
Proceed/cancel is not saved correctly  - in all cases "N" is saved
The values in .applettrustSettings are overriding main policy. Is this even in head?
   This file should be checked only (in case of this backport) only during "high security"

Minor nits - in head the items in combobobx are sorted in reversed order.
Sometimes I noted that the combobozx have not setup its value accordingly user's value
The exeption should be maybe more clear (eg distinguish custompolicy and "by applet| policy in its 
text) - I think this is valid also fo head

imho both
User file : /home/jvanek/.icedtea/deployment.properties
System file : null
  outputs should be gone...

For 1.3 I would ratehr  like to have full backport of head.


Thanx for backport!

    J.