/hg/icedtea-web: Added protection against to small applets. Enha...

jvanek at icedtea.classpath.org jvanek at icedtea.classpath.org
Thu Feb 7 15:50:31 UTC 2019


changeset daea55188c54 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=daea55188c54
author: Jiri Vanek <jvanek at redhat.com>
date: Thu Feb 07 16:50:07 2019 +0100

	Added protection against to small applets. Enhanced understanding of properties like width/height

	* netx/net/sourceforge/jnlp/AppletDesc.java: (getWidth) and (getHeight) now query proeprties for new keys and resize acodringly to them and/
	* netx/net/sourceforge/jnlp/config/Defaults.java: new keys made validated by integer. Treshold must be positive
	* netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java: added keys of deployment.small.size.treshold to allow value since which applet is to small (default 10), deployment.small.size.override.{width,height} to set new size negative values to enforce it, positive to be used as fallback, if no width/heigh (lower/upper/cammel) parameter found default is set to search for width/height param and enforce 800x600 if not present


diffstat:

 ChangeLog                                                     |  11 ++
 netx/net/sourceforge/jnlp/AppletDesc.java                     |  53 +++++++++++
 netx/net/sourceforge/jnlp/config/Defaults.java                |  15 +++
 netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java |   6 +
 4 files changed, 85 insertions(+), 0 deletions(-)

diffs (141 lines):

diff -r 87556fa6a511 -r daea55188c54 ChangeLog
--- a/ChangeLog	Thu Feb 07 14:12:39 2019 +0100
+++ b/ChangeLog	Thu Feb 07 16:50:07 2019 +0100
@@ -1,3 +1,14 @@
+2019-02-07  Jiri Vanek <jvanek at redhat.com>
+
+	Added protection against to small applets. Enhanced understanding of properties like width/height
+	* netx/net/sourceforge/jnlp/AppletDesc.java: (getWidth) and (getHeight) now query proeprties for new keys
+	and resize acodringly to them and/
+	* netx/net/sourceforge/jnlp/config/Defaults.java: new keys made validated by integer. Treshold must be positive
+	* netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java: added keys of deployment.small.size.treshold to allow
+	value since which applet is to small (default 10), deployment.small.size.override.{width,height} to set new size
+	negative values to enforce it, positive to be used as fallback, if no width/heigh (lower/upper/cammel) parameter found
+	default is set to search for width/height param and enforce 800x600 if not present
+
 2019-02-07  Jiri Vanek <jvanek at redhat.com>
 
 	Desktop sortcuts name is now based on title. And only if missing, then on file
diff -r 87556fa6a511 -r daea55188c54 netx/net/sourceforge/jnlp/AppletDesc.java
--- a/netx/net/sourceforge/jnlp/AppletDesc.java	Thu Feb 07 14:12:39 2019 +0100
+++ b/netx/net/sourceforge/jnlp/AppletDesc.java	Thu Feb 07 16:50:07 2019 +0100
@@ -18,6 +18,9 @@
 
 import java.net.*;
 import java.util.*;
+import net.sourceforge.jnlp.config.DeploymentConfiguration;
+import net.sourceforge.jnlp.runtime.JNLPRuntime;
+import net.sourceforge.jnlp.util.logging.OutputController;
 
 /**
  * The applet-desc element.
@@ -91,6 +94,12 @@
      * @return the width
      */
     public int getWidth() {
+        if (width < Integer.valueOf(JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_TRESHOLD))) {
+            Integer nww = fixWidth();
+            if (nww != null) {
+                return nww;
+            }
+        }
         return width;
     }
 
@@ -98,6 +107,12 @@
      * @return the height
      */
     public int getHeight() {
+        if (height < Integer.valueOf(JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_TRESHOLD))) {
+            Integer nwh = fixHeight();
+            if (nwh != null) {
+                return nwh;
+            }
+        }
         return height;
     }
 
@@ -120,4 +135,42 @@
         parameters.put(name, value);
     }
 
+    private Integer fixHeight() {
+        return fixSize(DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_HEIGHT, "Height", "height", "HEIGHT");
+    }
+    private Integer fixWidth() {
+        return fixSize(DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_WIDTH, "Width", "width", "WIDTH");
+    }
+
+    private Integer fixSize(String depKey, String... keys) {
+        OutputController.getLogger().log("Found to small applet!");
+        try {
+            Integer depVal = Integer.valueOf(JNLPRuntime.getConfiguration().getProperty(depKey));
+            if (depVal == 0) {
+                OutputController.getLogger().log("using its size");
+                return null;
+            }
+            if (depVal < 0) {
+                OutputController.getLogger().log("enforcing " + depVal);
+                return Math.abs(depVal);
+            }
+            for (String key : keys) {
+                String sizeFromParam = parameters.get(key);
+                if (sizeFromParam != null) {
+                    try {
+                        OutputController.getLogger().log("using its "+key+"=" + sizeFromParam);
+                        return Integer.valueOf(sizeFromParam);
+                    } catch (NumberFormatException ex) {
+                        OutputController.getLogger().log(ex);
+                    }
+                }
+            }
+            OutputController.getLogger().log("defaulting to " + depVal);
+            return depVal;
+        } catch (NumberFormatException | NullPointerException ex) {
+            OutputController.getLogger().log(OutputController.Level.ERROR_ALL, ex);
+            return null;
+        }
+    }
+
 }
diff -r 87556fa6a511 -r daea55188c54 netx/net/sourceforge/jnlp/config/Defaults.java
--- a/netx/net/sourceforge/jnlp/config/Defaults.java	Thu Feb 07 14:12:39 2019 +0100
+++ b/netx/net/sourceforge/jnlp/config/Defaults.java	Thu Feb 07 16:50:07 2019 +0100
@@ -450,6 +450,21 @@
                         DeploymentConfiguration.KEY_SYSTEM_CONFIG_MANDATORY,
                         BasicValueValidators.getBooleanValidator(),
                         String.valueOf(false)
+                } ,
+                {
+                        DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_WIDTH,
+                        BasicValueValidators.getRangedIntegerValidator(-9999, +9999),
+                        String.valueOf(800)//0 is disabling it; negative is enforcing it
+                },
+                {
+                        DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_HEIGHT,
+                        BasicValueValidators.getRangedIntegerValidator(-9999, +9999),
+                        String.valueOf(600)//0 is disabling it; negative is enforcing it
+                },
+                {
+                        DeploymentConfiguration.KEY_SMALL_SIZE_OVERRIDE_TRESHOLD,
+                        BasicValueValidators.getRangedIntegerValidator(0, 1000),
+                        String.valueOf(10)// treshold when applet is considered as too small
                 }
         };
 
diff -r 87556fa6a511 -r daea55188c54 netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java
--- a/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java	Thu Feb 07 14:12:39 2019 +0100
+++ b/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java	Thu Feb 07 16:50:07 2019 +0100
@@ -244,6 +244,12 @@
     public static final String KEY_SYSTEM_CONFIG = "deployment.system.config";
     public static final String KEY_SYSTEM_CONFIG_MANDATORY = "deployment.system.config.mandatory";
     
+    /**
+     * Possibility to control hack which resizes very small applets
+     */
+    public static final String KEY_SMALL_SIZE_OVERRIDE_TRESHOLD = "deployment.small.size.treshold";
+    public static final String KEY_SMALL_SIZE_OVERRIDE_WIDTH = "deployment.small.size.override.width";
+    public static final String KEY_SMALL_SIZE_OVERRIDE_HEIGHT = "deployment.small.size.override.height";
     
     public static final String TRANSFER_TITLE = "Legacy configuration and cache found. Those will be now transported to new locations";
     


More information about the distro-pkg-dev mailing list