RFR: 8348986: Improve coverage of enhanced exception messages [v16]
Michael McMahon
michaelm at openjdk.org
Fri May 30 14:52:56 UTC 2025
On Fri, 30 May 2025 13:32:08 GMT, Sean Mullan <mullan at openjdk.org> wrote:
>> Michael McMahon has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Fixed problem with j.n.HostPortRange
>
> src/java.base/share/conf/security/java.security line 1282:
>
>> 1280: # Exception messages may include potentially sensitive information such as file
>> 1281: # names, host names, or port numbers. By default, socket related exceptions
>> 1282: # have this information restricted (meaning the sensitive details are removed).
>
> I found the "By default ..." sentence a little confusing, since other categories are also restricted by default. My initial thought is to just remove this sentence, as reading further will make it more clear that the hostInfoExclSocket category is the only one that is not restricted by default. Alternatively, you could flip the meaning of this sentence and say which exceptions are **not** restricted by default.
Fair point. I think we can make this clearer with a small addition. I propose to add the following sentence after the one starting "By default ..."
# Exception messages relating to Jar files and exceptions containing user
# identity information are also restricted by default.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2116074735
More information about the net-dev
mailing list