javaws argument to disable alaca URL Check
Jiri Vanek
jvanek at redhat.com
Tue Mar 1 08:37:22 UTC 2016
On 02/26/2016 09:13 PM, Mathieu Westphal wrote:
> When i open a jnlp file i have the following :
> $javaws -verbose -allowredirect -nosecurity xplorersCities1.jnlp
> ...
> Trusted Only manifest attribute not found. Continuing.
> The application is a local file. Codebase validation is disabled. See:
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
> The application is a local file. Codebase validation is disabled. See:
> http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details.
> System logger called with result of 0
> System logger called with result of 0
> System logger called with result of 0
> Found alaca URLs to be verified
> - file:/home/glow/aur/xplorers2
> - http://games.asobrain.com/applets/xplorers
> Warning! file:/home/glow/aur/xplorers2 is NOT from codebase/docbase.
> Warning! http://games.asobrain.com/applets/xplorers is NOT from codebase/docbase.
> Setting value:null
>
> With an annoying popup where i need to press "Yes" to validate the URLs. Any ways to disable this
> check ?
>
> Mathieu
Hello!
You can disable the checks by modifying yours deployment.properties in your config directory.
Depends on yours $XDG_CONFIG_HOME, eg ~/.config/icedtea-web/deployment.properties
To ignore manifest (and so this) checks, you need to play with
deployment.manifest.attributes.check
and
deployment.security.level
(see verbose help/manpages/runtime/online docs))
The value of deployment.manifest.attributes.check depends on yours version of ITW. on 1.6.X:
Most insecure setting is:
deployment.manifest.attributes.check=NONE
deployment.security.level=ALLOW_UNSIGNED
but:
deployment.manifest.attributes.check=CODEBASE,ENTRYPOINT,PERMISSIONS,TRUSTED
Should be enough for you.
Since 1.7 (future ITW) this dialog will have "remember checkbox" and its remembering will be based
on codebase/docbase.
J.
More information about the distro-pkg-dev
mailing list