[rfc] [icedtea-web] restrict all connections to origins also to ports
Jiri Vanek
jvanek at redhat.com
Tue Oct 6 12:12:05 UTC 2015
Hello!
Itw have nasty habit (from jdk7 and older times) that it ignore port in case of Socket permission.
We already consider port in UrlPermissions and jdk8 internally is considering port more strictly
then 7. So I do not see point to ignore port for socket permissions anymore.
The attached patch is adding port restricttions to all network permissions on way.
(part of it is simple refactoring from String host to URL host in some places.
I would like to push this to 1.6 and very probably to 1.5 too, although it is behaviour-changing patch,
J,
-------------- next part --------------
A non-text attachment was scrubbed...
Name: usePortForPermissions.patch
Type: text/x-patch
Size: 15615 bytes
Desc: not available
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20151006/8068a4b0/usePortForPermissions-0001.patch>
More information about the distro-pkg-dev
mailing list