/hg/icedtea-web: 2 new changesets
aazores at icedtea.classpath.org
aazores at icedtea.classpath.org
Fri Feb 28 13:46:05 PST 2014
changeset 2bb356915cc1 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2bb356915cc1
author: Andrew Azores <aazores at redhat.com>
date: Fri Feb 28 16:33:48 2014 -0500
Introduce SecurityDelegate
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
(SecurityDelegate, SecurityDelegateImpl) new interface and implementation.
(initializeResources, setSecurity, activateJars, addNewJar) refactored to
use SecurityDelegate
changeset ededca6b0659 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=ededca6b0659
author: Andrew Azores <aazores at redhat.com>
date: Fri Feb 28 16:45:24 2014 -0500
Add Run In Sandbox button
Added "Sandbox" button to CertWarning dialogs, allowing signed applets
to be run with restricted permissions
* netx/net/sourceforge/jnlp/resources/Messages.properties: (ButSandbox,
LRunInSandboxError, LRunInSandboxErrorInfo, CertWarnRunTip,
CertWarnSandboxTip, CertWarnCancelTip): new messages
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (createInstance)
added check to not display unsigned warning dialog if the cert warning
dialog has been presented and the applet is sandboxed.
(checkTrustWithUser) updated for Run In Sandbox functionality.
(setRunInSandbox, userPromptedForSandbox) new functions
* netx/net/sourceforge/jnlp/security/AppVerifier.java:
(checkTrustWithUser) added SecurityDelegate param
* netx/net/sourceforge/jnlp/security/CertWarningPane.java: added Sandbox
button
* netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java:
(checkTrustWithUser) uses AppletAction enum type, calls
JNLPClassLoader#setRunInSandbox if AppletAction is SANDBOX
* netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
* netx/net/sourceforge/jnlp/security/SecurityDialogs.java: added
(AppletAction) enum type. (showCertWarning) returns AppletAction
rather than boolean
* netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java:
(askUser) refactor to use AppletAction rather than boolean
* netx/net/sourceforge/jnlp/tools/JarCertVerifier.java:
(checkTrustWithUser) added SecurityDelegate param
* tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java:
(testGetIntegerResponseAsAppletAction) new tests for converting Object
references into AppletActions
diffstat:
ChangeLog | 39 +
netx/net/sourceforge/jnlp/resources/Messages.properties | 7 +
netx/net/sourceforge/jnlp/runtime/Boot.java | 3 +
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 301 ++++++---
netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java | 11 +
netx/net/sourceforge/jnlp/security/AppVerifier.java | 3 +-
netx/net/sourceforge/jnlp/security/CertWarningPane.java | 41 +-
netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java | 11 +-
netx/net/sourceforge/jnlp/security/PluginAppVerifier.java | 11 +-
netx/net/sourceforge/jnlp/security/SecurityDialogs.java | 35 +-
netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java | 4 +-
netx/net/sourceforge/jnlp/tools/JarCertVerifier.java | 8 +-
tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java | 33 +
tests/reproducers/signed/RunInSandbox/resources/RunInSandbox.html | 48 +
tests/reproducers/signed/RunInSandbox/resources/RunInSandboxApplet.jnlp | 58 +
tests/reproducers/signed/RunInSandbox/resources/RunInSandboxApplication.jnlp | 58 +
tests/reproducers/signed/RunInSandbox/resources/RunInSandboxJnlpHref.html | 45 +
tests/reproducers/signed/RunInSandbox/srcs/RunInSandbox.java | 23 +
tests/reproducers/signed/RunInSandbox/testcases/RunInSandboxTest.java | 95 +++
19 files changed, 713 insertions(+), 121 deletions(-)
diffs (truncated from 1196 to 500 lines):
diff -r 1fb5b82415ce -r ededca6b0659 ChangeLog
--- a/ChangeLog Thu Feb 27 14:35:41 2014 -0500
+++ b/ChangeLog Fri Feb 28 16:45:24 2014 -0500
@@ -1,3 +1,42 @@
+2014-02-28 Andrew Azores <aazores at redhat.com>
+
+ Added "Sandbox" button to CertWarning dialogs, allowing signed applets
+ to be run with restricted permissions
+ * netx/net/sourceforge/jnlp/resources/Messages.properties: (ButSandbox,
+ LRunInSandboxError, LRunInSandboxErrorInfo, CertWarnRunTip,
+ CertWarnSandboxTip, CertWarnCancelTip): new messages
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (createInstance)
+ added check to not display unsigned warning dialog if the cert warning
+ dialog has been presented and the applet is sandboxed.
+ (checkTrustWithUser) updated for Run In Sandbox functionality.
+ (setRunInSandbox, userPromptedForSandbox) new functions
+ * netx/net/sourceforge/jnlp/security/AppVerifier.java:
+ (checkTrustWithUser) added SecurityDelegate param
+ * netx/net/sourceforge/jnlp/security/CertWarningPane.java: added Sandbox
+ button
+ * netx/net/sourceforge/jnlp/security/JNLPAppVerifier.java:
+ (checkTrustWithUser) uses AppletAction enum type, calls
+ JNLPClassLoader#setRunInSandbox if AppletAction is SANDBOX
+ * netx/net/sourceforge/jnlp/security/PluginAppVerifier.java: same
+ * netx/net/sourceforge/jnlp/security/SecurityDialogs.java: added
+ (AppletAction) enum type. (showCertWarning) returns AppletAction
+ rather than boolean
+ * netx/net/sourceforge/jnlp/security/VariableX509TrustManager.java:
+ (askUser) refactor to use AppletAction rather than boolean
+ * netx/net/sourceforge/jnlp/tools/JarCertVerifier.java:
+ (checkTrustWithUser) added SecurityDelegate param
+ * tests/netx/unit/net/sourceforge/jnlp/security/SecurityDialogsTest.java:
+ (testGetIntegerResponseAsAppletAction) new tests for converting Object
+ references into AppletActions
+
+2014-02-28 Andrew Azores <aazores at redhat.com>
+
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java:
+ (SecurityDelegate, SecurityDelegateImpl) new interface and implementation.
+ Includes logic for Run In Sandbox, which is not yet used
+ (initializeResources, setSecurity, activateJars, addNewJar) refactored to
+ use SecurityDelegate
+
2014-02-27 Andrew Azores <aazores at redhat.com>
* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: treat signed
diff -r 1fb5b82415ce -r ededca6b0659 netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties Thu Feb 27 14:35:41 2014 -0500
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Fri Feb 28 16:45:24 2014 -0500
@@ -12,11 +12,16 @@
ButOk=OK
ButProceed=Proceed
ButRun=Run
+ButSandbox=Sandbox
ButApply=Apply
ButDone=Done
ButShowDetails=Show Details
ButHideDetails=Hide Details
+CertWarnRunTip=Trust this applet and run with full permissions
+CertWarnSandboxTip=Do not trust this applet and run with restricted permissions
+CertWarnCancelTip=Do not run this applet
+
AFileOnTheMachine=a file on the machine
AlwaysAllowAction=Always allow this action
Usage=Usage:
@@ -93,6 +98,8 @@
LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted.
LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars.
LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't.
+LRunInSandboxError=Run in Sandbox call performed too late.
+LRunInSandboxErrorInfo=The classloader was notified to run the applet sandboxed, but security settings were already initialized.
LSignedJNLPFileDidNotMatch=The signed JNLP file did not match the launching JNLP file.
LNoSecInstance=Error: No security instance for {0}. The application may have trouble continuing
LCertFoundIn={0} found in cacerts ({1})
diff -r 1fb5b82415ce -r ededca6b0659 netx/net/sourceforge/jnlp/runtime/Boot.java
--- a/netx/net/sourceforge/jnlp/runtime/Boot.java Thu Feb 27 14:35:41 2014 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/Boot.java Fri Feb 28 16:45:24 2014 -0500
@@ -184,6 +184,9 @@
if (null != getOption("-Xtrustall")) {
JNLPRuntime.setTrustAll(true);
}
+ if (null != getOption("-Xtrustnone")) {
+ JNLPRuntime.setTrustNone(true);
+ }
if (null != getOption("-Xignoreheaders")) {
JNLPRuntime.setIgnoreHeaders(true);
}
diff -r 1fb5b82415ce -r ededca6b0659 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Feb 27 14:35:41 2014 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Fri Feb 28 16:45:24 2014 -0500
@@ -224,6 +224,8 @@
private boolean enableCodeBase = false;
+ private final SecurityDelegate securityDelegate;
+
/**
* Create a new JNLPClassLoader from the specified file.
*
@@ -272,6 +274,8 @@
addToCodeBaseLoader(this.file.getCodeBase());
}
+ this.securityDelegate = new SecurityDelegateImpl(this);
+
// initialize extensions
initializeExtensions();
@@ -309,52 +313,8 @@
}
private void setSecurity() throws LaunchException {
-
URL codebase = guessCodeBase();
-
- /**
- * When we're trying to load an applet, file.getSecurity() will return
- * null since there is no jnlp file to specify permissions. We
- * determine security settings here, after trying to verify jars.
- */
- if (file instanceof PluginBridge) {
- if (getSigning()) {
- this.security = new SecurityDesc(file,
- SecurityDesc.ALL_PERMISSIONS,
- codebase.getHost());
- } else {
- this.security = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- codebase.getHost());
- }
- } else { //regular jnlp file
-
- /*
- * Various combinations of the jars being signed and <security> tags being
- * present are possible. They are treated as follows
- *
- * Jars JNLP File Result
- *
- * Signed <security> Appropriate Permissions
- * Signed no <security> Sandbox
- * Unsigned <security> Error
- * Unsigned no <security> Sandbox
- *
- */
- if (!file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS) && !getSigning()) {
- if (jcv.allJarsSigned()) {
- throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LSignedJNLPAppDifferentCerts"), R("LSignedJNLPAppDifferentCertsInfo"));
- } else {
- throw new LaunchException(file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
- }
- } else if (getSigning()) {
- this.security = file.getSecurity();
- } else {
- this.security = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- codebase.getHost());
- }
- }
+ this.security = securityDelegate.getClassLoaderSecurity(codebase.getHost());
}
/**
@@ -394,8 +354,12 @@
// If security level is 'high' or greater, we must check if the user allows unsigned applets
// when the JNLPClassLoader is created. We do so here, because doing so in the constructor
- // causes unwanted side-effects for some applets
- if (!loader.getSigning() && file instanceof PluginBridge) {
+ // causes unwanted side-effects for some applets. However, if the loader has been tagged
+ // with "runInSandbox", then we do not show this dialog - since this tag indicates that
+ // the user was already shown a CertWarning dialog and has chosen to run the applet sandboxed.
+ // This means they've already agreed to running the applet and have specified with which
+ // permission level to do it!
+ if (!loader.getSigning() && !loader.securityDelegate.userPromptedForSandbox() && file instanceof PluginBridge) {
UnsignedAppletTrustConfirmation.checkUnsignedWithUserIfRequired((PluginBridge)file);
}
@@ -766,38 +730,20 @@
continue; // JAR not found. Keep going.
}
- SecurityDesc jarSecurity = file.getSecurity();
-
- if (file instanceof PluginBridge) {
-
- URL codebase = null;
-
- if (file.getCodeBase() != null) {
- codebase = file.getCodeBase();
- } else {
- //Fixme: codebase should be the codebase of the Main Jar not
- //the location. Although, it still works in the current state.
- codebase = file.getResources().getMainJAR().getLocation();
- }
-
- try {
- if (JarCertVerifier.isJarSigned(jarDesc, new PluginAppVerifier(), tracker)) {
- containsSignedJar = true;
- jarSecurity = new SecurityDesc(file,
- SecurityDesc.ALL_PERMISSIONS,
- codebase.getHost());
- } else {
- containsUnsignedJar = true;
- jarSecurity = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- codebase.getHost());
- }
- } catch (Exception e) {
- OutputController.getLogger().log(e);
- jarSecurity = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- codebase.getHost());
- }
+ final URL codebase;
+ if (file.getCodeBase() != null) {
+ codebase = file.getCodeBase();
+ } else {
+ // FIXME: codebase should be the codebase of the Main Jar not
+ // the location. Although, it still works in the current state.
+ codebase = file.getResources().getMainJAR().getLocation();
+ }
+
+ final SecurityDesc jarSecurity = securityDelegate.getCodebaseSecurityDesc(jarDesc, codebase.getHost());
+ if (jarSecurity.getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+ containsUnsignedJar = true;
+ } else {
+ containsSignedJar = true;
}
jarLocationSecurityMap.put(jarDesc.getLocation(), jarSecurity);
@@ -1093,15 +1039,37 @@
* @throws LaunchException if the user does not approve every dialog prompt.
*/
private void checkTrustWithUser() throws LaunchException {
- if (JNLPRuntime.isTrustAll()){
+ if (JNLPRuntime.isTrustNone()) {
+ if (!securityDelegate.getRunInSandbox()) {
+ setRunInSandbox();
+ }
return;
}
+ if (JNLPRuntime.isTrustAll() || securityDelegate.getRunInSandbox()) {
+ return;
+ }
if (jcv.isFullySigned() && !jcv.getAlreadyTrustPublisher()) {
- jcv.checkTrustWithUser(file);
+ jcv.checkTrustWithUser(securityDelegate, file);
}
}
+ /*
+ * Sets whether applets are to be run sandboxed, regardless of JAR
+ * signing. This MUST be called before any call to initializeResources,
+ * setSecurity, activateJars, or any other method that sets the value
+ * of this.security or adds entries into this.jarLocationSecurityMap.
+ * @throws LaunchException if security settings have been initialized before
+ * this method is called
+ */
+ public void setRunInSandbox() throws LaunchException {
+ securityDelegate.setRunInSandbox();
+ }
+
+ public boolean userPromptedForSandbox() {
+ return securityDelegate.getRunInSandbox();
+ }
+
/**
* Display a dialog prompting the user to proceed on applets with mixed signing.
* @param file the JNLPFile or PluginBridge describing the applet/application to be launched
@@ -1326,17 +1294,7 @@
codebase = file.getResources().getMainJAR().getLocation();
}
- SecurityDesc jarSecurity = null;
- if (jcv.isFullySigned()) {
- // Already trust application, nested jar should be given
- jarSecurity = new SecurityDesc(file,
- SecurityDesc.ALL_PERMISSIONS,
- codebase.getHost());
- } else {
- jarSecurity = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- codebase.getHost());
- }
+ final SecurityDesc jarSecurity = securityDelegate.getJarPermissions(codebase.getHost());
try {
URL fileURL = new URL("file://" + extractedJarLocation);
@@ -1659,16 +1617,7 @@
checkTrustWithUser();
- final SecurityDesc security;
- if (jcv.isFullySigned()) {
- security = new SecurityDesc(file,
- SecurityDesc.ALL_PERMISSIONS,
- file.getCodeBase().getHost());
- } else {
- security = new SecurityDesc(file,
- SecurityDesc.SANDBOX_PERMISSIONS,
- file.getCodeBase().getHost());
- }
+ final SecurityDesc security = securityDelegate.getJarPermissions(file.getCodeBase().getHost());
jarLocationSecurityMap.put(remoteURL, security);
@@ -2346,6 +2295,154 @@
}
+ /**
+ * SecurityDelegate, in real usage, relies on having a "parent" JNLPClassLoader instance.
+ * However, JNLPClassLoaders are very large, heavyweight, difficult-to-mock objects, which
+ * means that unit testing on anything that uses a SecurityDelegate can become very difficult.
+ * For example, JarCertVerifier is designed separated from the ClassLoader so it can be tested
+ * in isolation. However, JCV needs some sort of access back to JNLPClassLoader instances to
+ * be able to invoke setRunInSandbox(). The SecurityDelegate handles this, allowing JCV to be
+ * tested without instantiating JNLPClassLoaders, by creating a fake SecurityDelegate that does
+ * not require one.
+ */
+ public static interface SecurityDelegate {
+ public boolean isPluginApplet();
+
+ public boolean userPromptedForSandbox();
+
+ public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost);
+
+ public SecurityDesc getClassLoaderSecurity(final String codebaseHost) throws LaunchException;
+
+ public SecurityDesc getJarPermissions(final String codebaseHost);
+
+ public void setRunInSandbox() throws LaunchException;
+
+ public boolean getRunInSandbox();
+ }
+
+ /**
+ * Handles security decision logic for the JNLPClassLoader, eg which permission level to assign
+ * to JARs.
+ */
+ public static class SecurityDelegateImpl implements SecurityDelegate {
+ private final JNLPClassLoader classLoader;
+ private boolean runInSandbox;
+ private boolean promptedForSandbox;
+
+ public SecurityDelegateImpl(final JNLPClassLoader classLoader) {
+ this.classLoader = classLoader;
+ runInSandbox = false;
+ promptedForSandbox = false;
+ }
+
+ public boolean isPluginApplet() {
+ return classLoader.file instanceof PluginBridge;
+ }
+
+ public SecurityDesc getCodebaseSecurityDesc(final JARDesc jarDesc, final String codebaseHost) {
+ if (runInSandbox) {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ } else {
+ if (isPluginApplet()) {
+ try {
+ if (JarCertVerifier.isJarSigned(jarDesc, new PluginAppVerifier(), classLoader.tracker)) {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.ALL_PERMISSIONS,
+ codebaseHost);
+ } else {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ }
+ } catch (final Exception e) {
+ OutputController.getLogger().log(e);
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ }
+ } else {
+ return classLoader.file.getSecurity();
+ }
+ }
+ }
+
+ public SecurityDesc getClassLoaderSecurity(final String codebaseHost) throws LaunchException {
+ if (isPluginApplet()) {
+ if (!runInSandbox && classLoader.getSigning()) {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.ALL_PERMISSIONS,
+ codebaseHost);
+ } else {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ }
+ } else {
+ /*
+ * Various combinations of the jars being signed and <security> tags being
+ * present are possible. They are treated as follows
+ *
+ * Jars JNLP File Result
+ *
+ * Signed <security> Appropriate Permissions
+ * Signed no <security> Sandbox
+ * Unsigned <security> Error
+ * Unsigned no <security> Sandbox
+ *
+ */
+ if (!runInSandbox && !classLoader.getSigning()
+ && !classLoader.file.getSecurity().getSecurityType().equals(SecurityDesc.SANDBOX_PERMISSIONS)) {
+ if (classLoader.jcv.allJarsSigned()) {
+ throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCClient"), R("LSignedJNLPAppDifferentCerts"), R("LSignedJNLPAppDifferentCertsInfo"));
+ } else {
+ throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCClient"), R("LUnsignedJarWithSecurity"), R("LUnsignedJarWithSecurityInfo"));
+ }
+ } else if (!runInSandbox && classLoader.getSigning()) {
+ return classLoader.file.getSecurity();
+ } else {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ }
+ }
+ }
+
+ public SecurityDesc getJarPermissions(final String codebaseHost) {
+ if (!runInSandbox && classLoader.jcv.isFullySigned()) {
+ // Already trust application, nested jar should be given
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.ALL_PERMISSIONS,
+ codebaseHost);
+ } else {
+ return new SecurityDesc(classLoader.file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebaseHost);
+ }
+ }
+
+ public void setRunInSandbox() throws LaunchException {
+ if (promptedForSandbox || classLoader.security != null
+ || classLoader.jarLocationSecurityMap.size() != 0) {
+ throw new LaunchException(classLoader.file, null, R("LSFatal"), R("LCInit"), R("LRunInSandboxError"), R("LRunInSandboxErrorInfo"));
+ }
+
+ this.promptedForSandbox = true;
+ this.runInSandbox = true;
+ }
+
+ public boolean getRunInSandbox() {
+ return this.runInSandbox;
+ }
+
+ public boolean userPromptedForSandbox() {
+ return this.promptedForSandbox;
+ }
+
+ }
+
/*
* Helper class to expose protected URLClassLoader methods.
* Classes loaded from the codebase are absolutely NOT signed, by definition!
diff -r 1fb5b82415ce -r ededca6b0659 netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Thu Feb 27 14:35:41 2014 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java Fri Feb 28 16:45:24 2014 -0500
@@ -143,6 +143,9 @@
/** all security dialogs will be consumed and pretented as being verified by user and allowed.*/
private static boolean trustAll=false;
+
+ /** all security dialogs will be consumed and we will pretend the Sandbox option was chosen */
+ private static boolean trustNone = false;
/** allows 301.302.303.307.308 redirects to be followed when downloading resources*/
private static boolean allowRedirect = false;;
@@ -794,6 +797,14 @@
return trustAll;
}
+ static void setTrustNone(final boolean b) {
+ trustNone = b;
+ }
+
+ public static boolean isTrustNone() {
+ return trustNone;
+ }
+
public static boolean isIgnoreHeaders() {
return ignoreHeaders;
}
diff -r 1fb5b82415ce -r ededca6b0659 netx/net/sourceforge/jnlp/security/AppVerifier.java
--- a/netx/net/sourceforge/jnlp/security/AppVerifier.java Thu Feb 27 14:35:41 2014 -0500
+++ b/netx/net/sourceforge/jnlp/security/AppVerifier.java Fri Feb 28 16:45:24 2014 -0500
@@ -42,6 +42,7 @@
import net.sourceforge.jnlp.JNLPFile;
import net.sourceforge.jnlp.LaunchException;
+import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate;
import net.sourceforge.jnlp.tools.CertInformation;
More information about the distro-pkg-dev
mailing list