[rfc][icedtea-web] "Always trust content from this publisher" defaulting to checked
Andrew Azores
aazores at redhat.com
Tue May 20 16:04:34 UTC 2014
Hi,
I think the "Always Trust" checkbox that appears on the CertWarningPane
for fully signed applets should not default to being checked anymore. I
assume it is currently checked by default to encourage users to trust
fully signed applets so that the dialogs do not continually appear -
however, I don't think that's necessarily the right course of action
now. Now that we have the ability to assign custom policies to different
applets, persistently or per individual run of the applet I think more
emphasis should be placed on this ability. Currently, the dialog also
disables the Sandbox button (which then disables all ability to run the
applet without granting it all permissions) when the checkbox is
selected because it was decided at the time that it doesn't make sense
to say "I always trust this publisher, but I want to run the applet as
if I don't really trust the publisher." I think this behaviour should be
kept. So the only change being made is to default the checkbox to
unchecked, so that the Sandboxing options are presented as available to
begin with, increasing their visibility.
This comes down to simply changing one value for the checkbox. Also
bundled with this patch are making a utility method static, and removing
two unused fields.
ChangeLog:
* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java
(policyMenu, policyEditor): unused fields removed.
(getImageIcon): made static. (addButtons): default alwaysTrust
checkbox to not selected.
Thanks,
--
Andrew A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: certwarningpane-checkbox-unchecked.patch
Type: text/x-patch
Size: 1810 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20140520/8a04ad9e/certwarningpane-checkbox-unchecked.patch>
More information about the distro-pkg-dev
mailing list