[fyi][icedtea-web] backend and itw-settings for extended applets security
Adam Domurad
adomurad at redhat.com
Tue Mar 12 05:56:48 PDT 2013
On 03/01/2013 12:10 PM, Adam Domurad wrote:
> [ large snip ]
>> New version attached.
>> -Adam
>
> Woops. In the back&forth between 1.2 and HEAD I have forgot to add the
> normalization stuff.
>
> Rough location of the changes (sorry for the odd format, I just
> grepped them):
>
> + private static UnsignedAppletActionEntry
> getMatchingItem(UnsignedAppletActionStorage actionStorage,
> PluginBridge file) {
> + return actionStorage.getMatchingItem(
> + normalizeURLQuietly(file.getSourceLocation()).toString(),
> + normalizeURLQuietly(file.getCodeBase()).toString(),
> + file.getArchiveJars());
> + }
> +
> + static private URL normalizeURLQuietly(URL url) {
> + try {
> + System.out.println("Normalizing " + url + " to " +
> ResourceTracker.normalizeUrl(url, false));
> + return ResourceTracker.normalizeUrl(url, false);
> + } catch (IOException e) {
> + e.printStackTrace();
> + } catch (URISyntaxException e) {
> + e.printStackTrace();
> + }
> + return url;
> + }
> --
> + }
> +
> + URL codebase = normalizeURLQuietly(file.getCodeBase());
> + URL documentbase =
> normalizeURLQuietly(file.getSourceLocation());
> +
> + /* Else, create a new entry */
> + UrlRegEx codebaseRegex = new UrlRegEx("\\Q" + codebase +
> "\\E");
> + UrlRegEx documentbaseRegex = new UrlRegEx("\\Q" +
> documentbase + "\\E");
> +
> + UnsignedAppletActionEntry entry = new
> UnsignedAppletActionEntry(
> + behaviour,
>
>
> Happy hacking,
> -Adam
Ping?
More information about the distro-pkg-dev
mailing list