[rfc][icedtea-web] Reflectively add URLPermission to SecurityDesc if available

Omair Majid omajid at redhat.com
Tue Jul 15 16:54:36 UTC 2014

* Andrew Azores <aazores at redhat.com> [2014-07-15 11:44]:
> On 07/15/2014 11:19 AM, Omair Majid wrote:
> >* Andrew Azores <aazores at redhat.com> [2014-07-15 11:12]:
> >>Which part? Just the URLPermission's port, or the downloadHost itself?
> >The port: it should match the port where the jars were downloaded from.
> Hmm. Does JNLPFile#getCodebase()#toURI()#normalize()#getPort() sound right?
> That's what it boils down to in this patch now. I don't know of anywhere
> where we keep a more explicit reference to the port that was actually used
> to download the resources, but I suppose that would generally be either that
> same port, or if not specified, then just the default port for the protocol,
> so the same thing as this. Right?

I believe you are correct, but my knowledge of the internals is a bit
old. Maybe check how that download url for the resource is computed


PGP Key: 66484681 (http://pgp.mit.edu/)
Fingerprint = F072 555B 0A17 3957 4E95  0056 F286 F14F 6648 4681

More information about the distro-pkg-dev mailing list