[8] Request for review: 8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo
Sean Mullan
sean.mullan at oracle.com
Thu Jul 25 19:28:19 UTC 2013
On 07/24/2013 10:16 AM, Xuelei Fan wrote:
> DOMUtils.java
> =============
> It might be a little bit better to reuse the node local name checking
> with a new private static method.
Good suggestion.
> Otherwise, looks fine.
>
> A minor comment is a very personal preference. I may prefer to return
> null instead of throw exception in the new methods of class DOMUtils,
> when there is no such node. And the caller throw the exception instead.
> For example:
> public static Element getFirstChildElement(Node node,
> String localName) throws MarshalException
I considered that, but most of the time null is an exception, so it's
more concise to have the method handle this case, than the other way around.
I have updated the webrev:
http://cr.openjdk.java.net/~mullan/webrevs/8012288/webrev.01/
Can you take a quick look at DOMUtils to see if it looks ok?
Thanks,
Sean
>
>
> Xuelei
>
> On 7/23/2013 9:05 PM, Sean Mullan wrote:
>> Xuelei,
>>
>> Could you please review my fix for 8012288:
>>
>> http://cr.openjdk.java.net/~mullan/webrevs/8012288/webrev.00/
>>
>> There is already an SQE test for this, so I have added the noreg-sqe
>> label.
>>
>> Thanks,
>> Sean
>
More information about the security-dev
mailing list