Mercurial > hg > release > icedtea-web-1.5
view netx/net/sourceforge/jnlp/resources/Messages.properties @ 1025:ecdb5af1e069
Backported fix for NPE in CertWarningDialog for HTTPS certs
2014-11-05 Andrew Azores <aazores@redhat.com>
* netx/net/sourceforge/jnlp/resources/Messages.properties
(CertWarnHTTPSAcceptTip, CertWarnHTTPSRejectTip): new messages more
applicable for HTTPS cert warning dialogs
* netx/net/sourceforge/jnlp/security/dialogs/CertWarningPane.java:
distinguish between HTTPS cert warnings and signed applet cert warnings.
Display appropriate text labels and buttons corresponding to either case.
* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissionsButton.java:
If any of file, securityDelegate, or linkedButton are null, simply
disable this component and do not add component listeners dependent upon
these fields. Also, do not add multiple groups of permissions, and do not
add the permissions to the securityDelegate until the linkedButton is
actually clicked (rather than when the menu item is clicked)
author | Andrew Azores <aazores@redhat.com> |
---|---|
date | Thu, 06 Nov 2014 14:16:48 -0500 |
parents | 576b9e693117 |
children | f45e2b0ee174 |
line wrap: on
line source
# Default (English) UI messages for netx # L=Launcher, B=Boot, P=Parser, C=cache S=security # # General NullParameter=Null parameter ButAllow=Allow ButBrowse=Browse... ButCancel=\ Cancel\ ButClose=Close ButCopy=Copy to Clipboard ButMoreInformation=More Information... ButOk=OK ButProceed=Proceed ButRun=Run ButSandbox=Sandbox ButApply=Apply ButDone=Done ButShowDetails=Show Details ButHideDetails=Hide Details ButYes=Yes ButNo=No CertWarnRunTip=Trust this applet and run with full permissions CertWarnSandboxTip=Do not trust this applet and run with restricted permissions CertWarnCancelTip=Do not run this applet CertWarnPolicyTip=Advanced sandbox settings CertWarnPolicyEditorItem=Launch PolicyEditor CertWarnHTTPSAcceptTip=Accept this certificate and trust the HTTPS connection CertWarnHTTPSRejectTip=Do not accept this certificate and do not establish the HTTPS connection AFileOnTheMachine=a file on the machine AlwaysAllowAction=Always allow this action Usage=Usage: Error=Error Warning=Warning Continue=Do you want to continue? Field=Field From=From Name=Name Password=Password: Publisher=Publisher Unknown=<Unknown> Username=Username: Value=Value Version=Version # about dialogue AboutDialogueTabAbout=About AboutDialogueTabAuthors=Authors AboutDialogueTabChangelog=Changelog AboutDialogueTabNews=News AboutDialogueTabGPLv2=GPLv2 # missing permissions dialogue MissingPermissionsMainTitle=Application <span color='red'> {0} </span> \ from <span color='red'> {1} </span> is missing the permissions attribute. \ Applications without this attribute should not be trusted. Do you wish to allow this application to run? MissingPermissionsInfo=For more information you can visit:<br/>\ <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions"> \ JAR File Manifest Attributes</a> <br/> \ and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \ Preventing the repurposing of Applications</a> # missing Application-Library-Allowable-Codebase dialogue ALACAMissingMainTitle=The application <span color='red'> {0} </span> \ from <span color='red'> {1} </span> uses resources from the following remote locations: \ {2} \ Are you sure you want to run this application? ALACAMissingInfo=For more information see:<br/>\ <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \ JAR File Manifest Attributes</a> <br/> \ and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \ Preventing the Repurposing of an Application</a> # matching Application-Library-Allowable-Codebase dialogue ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \ from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \ Are you sure you want to run this application? ALACAMatchingInfo=For more information you can visit:<br/>\ <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \ JAR File Manifest Attributes</a> <br/> \ and<br/> <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html"> \ Preventing the Repurposing of an Application</a> # LS - Severity LSMinor=Minor LSFatal=Fatal # LC - Category LCSystem=System Error LCExternalLaunch=External Launch Error LCFileFormat=File Format Error LCReadError=Read Error LCClient=Application Error LCLaunching=Launch Error LCNotSupported=Unsupported Feature LCInit=Initialization Error LAllThreadGroup=All JNLP applications LNullUpdatePolicy=Update policy cannot be null. LThreadInterrupted=Thread interrupted while waiting for file to launch. LThreadInterruptedInfo=This can lead to deadlock or yield other damage during execution. Please restart your application/browser. LCouldNotLaunch=Could not launch JNLP file. LCouldNotLaunchInfo=The application has not been initialized, for more information execute javaws/browser from the command line and send a bug report. LCantRead=Could not read or parse the JNLP file. LCantReadInfo=You can try to download this file manually and send it as bug report to IcedTea-Web team. LNullLocation=Could not determine .jnlp file location. LNullLocationInfo=An attempt was made to launch a JNLP file in another JVM, but the file could not be located. In order to launch in an external JVM, the runtime must be able to locate the .jnlp file either in the local filesystem or on a server. LNetxJarMissing=Could not determine location of netx.jar. LNetxJarMissingInfo=An attempt was made to lauch a JNLP file in another JVM, but the netx.jar could not be located. In order to launch in an external JVM, the runtime must be able to locate the netx.jar file. LNotToSpec=JNLP file not strictly to spec. LNotToSpecInfo=The JNLP file contains data that is prohibited by the JNLP specification. The runtime can attempt to ignore the invalid information and continue launching the file. LNotApplication=Not an application file. LNotApplicationInfo=An attempt was made to load a non-application file as an application. LNotApplet=Not an applet file. LNotAppletInfo=An attempt was made to load a non-applet file as an applet. LNoInstallers=Installers not supported. LNoInstallersInfo=JNLP installer files are not yet supported. LInitApplet=Could not initialize applet. LInitAppletInfo=For more information click "more information button". LInitApplication=Could not initialize application. LInitApplicationInfo=The application has not been initialized, for more information execute javaws from the command line. LNotLaunchable=Not a launchable JNLP file. LNotLaunchableInfo=File must be a JNLP application, applet, or installer type. LCantDetermineMainClass=Unknown Main-Class. LCantDetermineMainClassInfo=Could not determine the main class for this application. LUnsignedJarWithSecurity=Cannot grant permissions to unsigned jars. LUnsignedJarWithSecurityInfo=Application requested security permissions, but jars are not signed. LSignedJNLPAppDifferentCerts=The JNLP application is not fully signed by a single cert. LSignedJNLPAppDifferentCertsInfo=The JNLP application has its components individually signed, however there must be a common signer to all entries. LUnsignedApplet=The applet was unsigned. LUnsignedAppletPolicyDenied=The applet was unsigned, and the security policy prevented it from running. LUnsignedAppletUserDenied=The applet was unsigned, and was not trusted. LPartiallySignedApplet=The applet was partially signed. LPartiallySignedAppletUserDenied=The applet was partially signed, and the user did not trust it. LSignedAppJarUsingUnsignedJar=Signed application using unsigned jars. LSignedAppJarUsingUnsignedJarInfo=The main application jar is signed, but some of the jars it is using aren't. LRunInSandboxError=Run in Sandbox call performed too late. LRunInSandboxErrorInfo=The classloader was notified to run the applet sandboxed, but security settings were already initialized. LSignedJNLPFileDidNotMatch=The signed JNLP file did not match the launching JNLP file. LNoSecInstance=Error: No security instance for {0}. The application may have trouble continuing LCertFoundIn={0} found in cacerts ({1}) LSingleInstanceExists=Another instance of this applet already exists and only one may be run at the same time. JNotApplet=File is not an applet. JNotApplication=File is not an application. JNotComponent=File is not a component. JNotInstaller=File is not an installer. JInvalidExtensionDescriptor=Extension does not refer to a component or installer (name={1}, location={2}). LNotVerified=Jars not verified. LCancelOnUserRequest=Canceled on user request. LFatalVerification=A fatal error occurred while trying to verify jars. LFatalVerificationInfo=An exception has been thrown in class JarCertVerifier. Being unable to read the cacerts or trusted.certs files could be a possible cause for this exception. LNotVerifiedDialog=Not all jars could be verified. LAskToContinue=Would you still like to continue running this application? # Parser PInvalidRoot=Root element is not a jnlp element. PNoResources=No resources element specified. PUntrustedNative=nativelib element cannot be specified unless a trusted environment is requested. PExtensionHasJ2SE=j2se element cannot be specified in a component extension file. PInnerJ2SE=j2se element cannot be specified within a j2se element. PTwoMains=Duplicate main attribute specified on a resources element (there can be only one) PNativeHasMain=main attribute cannot be specified on a nativelib element. PNoInfoElement=No information element specified. PMissingTitle=title PMissingVendor=vendor PMissingElement=The {0} section has not been specified for your locale nor does a default value exist in the JNLP file. PTwoDescriptions=Duplicate description elements of kind {0} are illegal. PSharing=sharing-allowed element is illegal in a standard JNLP file PTwoSecurity=Only one security element allowed per JNLP file. PEmptySecurity=security element specified but does not contain a permissions element. PTwoDescriptors=Only one application-desc element allowed per JNLP file. PTwoDesktops=Only one desktop element allowed PTwoMenus=Only one menu element allowed PTwoTitles=Only one title element allowed PTwoIcons=Only one icon element allowed PTwoUpdates=Only one update element is allowed PUnknownApplet=Unknown Applet PBadWidth=Invalid applet width. PBadHeight=Invalid applet height. PUrlNotInCodebase=Relative URL does not specify a subdirectory of the codebase. (node={0}, href={1}, base={2}) PBadRelativeUrl=Invalid relative URL (node={0}, href={1}, base={2}) PBadNonrelativeUrl=Invalid non-relative URL (node={0}, href={1}) PNeedsAttribute=The {0} element must specify a {1} attribute. PBadXML=Invalid XML document syntax. PBadHeapSize=Invalid value for heap size ({0}) # Runtime BLaunchAbout=Launching about window... BLaunchAboutFailure=Was not able to launch About window BNeedsFile=Must specify a .jnlp file RNoAboutJnlp=Unable to find about.jnlp BFileLoc=JNLP file location BBadProp=Incorrect property format {0} (should be key=value) BBadParam=Incorrect parameter format {0} (should be name=value) BNoDir=Directory {0} does not exist. BNoCodeOrObjectApplet=Applet tag must specify a 'code' or 'object' attribute. RNoResource=Missing Resource: {0} RShutdown=This exception to prevent shutdown of JVM, but the process has been terminated. RExitTaken=Exit class already set and caller is not exit class. RCantReplaceSM=Changing the SecurityManager is not allowed. RCantCreateFile=Cant create file {0} RCantDeleteFile=Cant delete file {0} RCantOpenFile=Could not open file {0} RCantWriteFile=Could not write to file {0} RFileReadOnly=Opening file in read-only mode RExpectedFile=Expected {0} to be a file but it was not RRemoveRPermFailed=Removing read permission on file {0} failed RRemoveWPermFailed=Removing write permissions on file {0} failed RRemoveXPermFailed=Removing execute permissions on file {0} failed RGetRPermFailed=Acquiring read permissions on file {0} failed RGetWPermFailed=Acquiring write permissions on file {0} failed RGetXPermFailed=Acquiring execute permissions on file {0} failed RCantCreateDir=Cant create directory {0} RCantRename=Cant rename {0} to {1} RDenyStopped=Stopped applications have no permissions. RExitNoApp=Can not exit the JVM because the current application cannot be determined. RNoLockDir=Unable to create locks directory ({0}) RNestedJarExtration=Unable to extract nested jar. RUnexpected=Unexpected {0} at {1} RConfigurationError=Fatal error while reading the configuration, continuing with empty. Please fix RConfigurationFatal=ERROR: a fatal error has occurred while loading configuration. Perhaps a global configuration was required but could not be found RFailingToDefault=Failing to default configuration RPRoxyPacNotSupported=Using Proxy Auto Config (PAC) files is not supported. RProxyFirefoxNotFound=Unable to use Firefox's proxy settings. Using "DIRECT" as proxy type. RProxyFirefoxOptionNotImplemented=Browser proxy option "{0}" ({1}) not supported yet. RBrowserLocationPromptTitle=Browser Location RBrowserLocationPromptMessage=Specify Browser Location RBrowserLocationPromptMessageWithReason=Specify Browser Location (the browser command "{0}" is invalid). BAboutITW=The IcedTea-Web project provides a Free Software web browser plugin running applets written in the Java programming language and an implementation of Java Web Start, originally based on the NetX project. Visit the IcedTea-Web homepage: http://icedtea.classpath.org/wiki/IcedTea-Web . Use "man javaws" or "javaws -help" for more information. BFileInfoAuthors=Names and email addresses of contributors to this project can be found in the file AUTHORS in the IcedTea-Web root directory. BFileInfoCopying=The full GPLv2 license of this project can be found in the file COPYING in the IcedTea-Web root directory. BFileInfoNews=News about releases of this project can be found in the file NEWS in the IcedTea-Web root directory. # Boot options, message should be shorter than this ----------------> BOUsage=javaws [-run-options] <jnlp file> BOUsage2=javaws [-control-options] BOJnlp = Location of JNLP file to launch (url or file). BOArg = Adds an application argument before launching. BOParam = Adds an applet parameter before launching. BOProperty = Sets a system property before launching. BOUpdate = Check for updates. BOLicense = Display the GPL license and exit. BOVerbose = Enable verbose output. BOAbout = Shows a sample application. BOVersion = Print the IcedTea-Web version and exit. BONosecurity= Disables the secure runtime environment. BONoupdate = Disables checking for updates. BOHeadless = Disables download window, other UIs. BOStrict = Enables strict checking of JNLP file format. BOViewer = Shows the trusted certificate viewer. BOXml = Uses a strict XML parser to parse the JNLP file. BOredirect = Follows HTTP redirects. BXnofork = Do not create another JVM. BXclearcache= Clean the JNLP application cache. BXignoreheaders= Skip jar header verification. BOHelp = Print this message and exit. # Cache CAutoGen=automatically generated - do not edit CNotCacheable={0} is not a cacheable resource CDownloading=Downloading CComplete=Complete CChooseCache=Choose a cache directory... CChooseCacheInfo=NetX needs a location for storing cache files. CChooseCacheDir=Cache directory CCannotClearCache=Can not clear the cache at this time. Try later. If the problem persists, try closing your browser(s) & JNLP applications. At the end you can try to kill all java applications. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Purge CFakeCache=Cache is corrupt. Fixing. CFakedCache=Cache was corrupt and has been fixed. It is strongly recommended that you run 'javaws -Xclearcache' and rerun your application as soon as possible. You can also use via itw-settings Cache -> View files -> Purge # Security SFileReadAccess=The application has requested read access to {0}. Do you want to allow this action? SFileWriteAccess=The application has requested write access to {0}. Do you want to allow this action? SDesktopShortcut=The application has requested permission to create a desktop launcher. Do you want to allow this action? SSigUnverified=The application's digital signature cannot be verified. Do you want to run the application? It will be granted unrestricted access to your computer. SSigVerified=The application's digital signature has been verified. Do you want to run the application? It will be granted unrestricted access to your computer. SSignatureError=The application's digital signature has an error. Do you want to run the application? It will be granted unrestricted access to your computer. SUntrustedSource=The digital signature could not be verified by a trusted source. Only run if you trust the origin of the application. SWarnFullPermissionsIgnorePolicy=The code executed will be given full permissions, ignoring any Java policies you may have. STrustedSource=The digital signature has been validated by a trusted source. SClipboardReadAccess=The application has requested read-only access to the system clipboard. Do you want to allow this action? SClipboardWriteAccess=The application has requested write-only access to the system clipboard. Do you want to allow this action? SPrinterAccess=The application has requested printer access. Do you want to allow this action? SNetworkAccess=The application has requested permission to establish connections to {0}. Do you want to allow this action? SNoAssociatedCertificate=<no associated certificate> SUnverified=(unverified) SAlwaysTrustPublisher=Always trust content from this publisher SHttpsUnverified=The website's HTTPS certificate cannot be verified. SRememberOption=<b>Remember this option?</b> SRememberAppletOnly=For applet SRememberCodebase=For site <u>{0}</u> SUnsignedSummary=An unsigned Java application wants to run SUnsignedDetail=An unsigned application from the following location wants to run:<br/> <u>{0}</u><br/>The page which made the request was:<br/> <u>{1}</u><br/><br/><b>It is recommended you only run applications from sites you trust.</b> SUnsignedAllowedBefore=<font color="green">You have accepted this applet previously.</font> SUnsignedRejectedBefore=<font color="red">You have rejected this applet previously.</font> SUnsignedQuestion=Allow the applet to run? SPartiallySignedSummary=Only parts of this application code are signed. SPartiallySignedDetail=This application contains both signed and unsigned code. While signed code is safe if you trust the provider, unsigned code may imply code outside of the trusted provider's control. SPartiallySignedQuestion=Do you wish to proceed and run this application anyway? SAuthenticationPrompt=The {0} server at {1} is requesting authentication. It says "{2}" SJNLPFileIsNotSigned=This application contains a digital signature in which the launching JNLP file is not signed. SAppletTitle=Applet title: {0} STrustedOnlyAttributeFailure=This application specifies Trusted-only as True in its Manifest. {0} and requests permission level: {1}. This is not allowed. STOAsignedMsgFully = The applet is fully signed STOAsignedMsgAndSandbox = The applet is fully signed and sandboxed STOAsignedMsgPartiall = The applet is not fully signed STempPermNoFile=No file access STempPermNoNetwork=No network access STempPermNoExec=No command execution STempNoFileOrNetwork=No file or network access STempNoExecOrNetwork=No command execution or network access STempNoFileOrExec=No file access or command execution STempNoFileOrNetworkOrExec=No file access, network access, or command execution STempAllMedia=All media STempSoundOnly=Play audio STempClipboardOnly=Access clipboard STempPrintOnly=Print documents STempAllFileAndPropertyAccess=All file and properties access STempReadLocalFilesAndProperties=Read-only local files and properties STempReflectionOnly=Java Reflection only # Security - used for the More Information dialog SBadKeyUsage=Resources contain entries whose signer certificate's KeyUsage extension doesn't allow code signing. SBadExtendedKeyUsage=Resources contain entries whose signer certificate's ExtendedKeyUsage extension doesn't allow code signing. SBadNetscapeCertType=Resources contain entries whose signer certificate's NetscapeCertType extension doesn't allow code signing. SHasExpiredCert=The digital signature has expired. SHasExpiringCert=Resources contain entries whose signer certificate will expire within six months. SNotYetValidCert=Resources contain entries whose signer certificate is not yet valid. SUntrustedCertificate=The digital signature was generated with an untrusted certificate. STrustedCertificate=The digital signature was generated with a trusted certificate. SCNMisMatch=The expected hostname for this certificate is: "{0}"<br/>The address being connected to is: "{1}" SRunWithoutRestrictions=This application will be run without the security restrictions normally provided by Java. SCertificateDetails=Certificate Details # Security - certificate information SIssuer=Issuer SSerial=Serial SMD5Fingerprint=MD5 Fingerprint SSHA1Fingerprint=SHA1 Fingerprint SSignature=Signature SSignatureAlgorithm=Signature Algorithm SSubject=Subject SValidity=Validity # Certificate Viewer CVCertificateViewer=Certificates CVCertificateType=Certificate Type CVDetails=Details CVExport=Export CVExportPasswordMessage=Enter password to protect key file: CVImport=Import CVImportPasswordMessage=Enter password to access file: CVIssuedBy=Issued By CVIssuedTo=Issued To CVPasswordTitle=Authentication Required CVRemove=Remove CVRemoveConfirmMessage=Are you sure you want to remove the selected certificate? CVRemoveConfirmTitle=Confirmation - Remove Certificate? CVUser=User CVSystem=System # KeyStores: see KeyStores.java KS=KeyStore KSCerts=Trusted Certificates KSJsseCerts=Trusted JSSE Certificates KSCaCerts=Trusted Root CA Certificates KSJsseCaCerts=Trusted JSSE Root CA Certificates KSClientCerts=Client Authentication Certificates # Deployment Configuration messages DCIncorrectValue=Property "{0}" has incorrect value "{1}". Possible values {2}. DCInternal=Internal error: {0} DCSourceInternal=<internal> DCUnknownSettingWithName=Property "{0}" is unknown. DCmaindircheckNotexists=After all attempts, your configuration directory {0} do not exists. DCmaindircheckNotdir=Your configuration directory {0} is not directory. DCmaindircheckRwproblem=Your configuration directory {0} can not be read/written properly. # Value Validator messages. Messages should follow "Possible values ..." VVPossibleValues=Possible values {0} VVPossibleBooleanValues=are {0} or {1} VVPossibleFileValues=include an absolute path to a file or directory VVPossibleRangedIntegerValues=are in range {0} to {1} (inclusive) VVPossibleUrlValues=include any valid url (eg http://icedtea.classpath.org/hg/) # Control Panel - Main CPMainDescriptionShort=Configure IcedTea-Web CPMainDescriptionLong=Configure how the browser plugin (IcedTeaNPPlugin) and javaws (NetX) work # Control Panel - Tab Descriptions CPAboutDescription=View version information about IcedTea Control Panel. CPNetworkSettingsDescription=Configure network settings, including how IcedTea-Web connects to the internet and whether to use any proxies. CPTempInternetFilesDescription=Java stores application data for faster execution the next time you run it. CPJRESettingsDescription=View and manage Java Runtime Environment versions and settings for Java applications and applets. CPCertificatesDescription=Use certificates to positively identify yourself, certifications, authorities, and plublishers. CPSecurityDescription=Use this to configure security settings. CPDebuggingDescription=Enable options here to help with debugging CPDesktopIntegrationDescription=Set whether or not to allow creation of desktop shortcut. CPJVMPluginArguments=Set JVM arguments for plugin. CPJVMitwExec=Set JVM for IcedTea-Web \u2014 working best with OpenJDK CPJVMitwExecValidation=Validate JVM for IcedTea-Web CPJVMPluginSelectExec=Browse for JVM for IcedTea-Web CPJVMnone=No validation result for CPJVMvalidated=Validation result for CPJVMvalueNotSet=Value is not set. Hardcoded JVM will be used. CPJVMnotLaunched=Error, process was not launched, see console output for more info. CPJVMnoSuccess=Error, process have not ended successfully, see output for details, but your java is not set correctly. CPJVMopenJdkFound=Excellent, OpenJDK detected CPJVMoracleFound=Great, Oracle java detected CPJVMibmFound=Good, IBM java detected CPJVMgijFound=Warning, gij detected CPJVMstrangeProcess=Your path had an executable process, but it was not recognized. Verify the Java version in the console output. CPJVMnotDir=Error, The path you chose is not a directory. CPJVMisDir=Ok, the path you chose is a directory. CPJVMnoJava=Error, the directory you chose does not contain bin/java. CPJVMjava=Ok, the directory you chose contains bin/java. CPJVMnoRtJar=Error, the directory you chose does not contain lib/rt.jar CPJVMrtJar=Ok, the directory you chose contains lib/rt.jar. CPJVMPluginAllowTTValidation=Validate JRE immediately CPJVMNotokMessage1=You have entered invalid JDK value <u>({0})</u> with following error message: CPJVMNotokMessage2=You might be seeing this message because: <blockquote> * Some validity tests have not been passed<br/> * Non-OpenJDK is detected</blockquote>With invalid JDK IcedTea-Web will probably not be able to start.<br/>You will have to modify or remove <u>{0}</u> property in your configuration file <u>{1}</u>. <br/>You should try to search for OpenJDK in your system or be sure you know what you are doing. CPJVMconfirmInvalidJdkTitle=Confirm invalid JDK CPJVMconfirmReset=Reset to default? CPPolicyDetail=View or edit your user-level Java Policy File. This allows you to grant or deny runtime permissions to applets regardless of the standard security sandboxing rules. CPPolicyTooltip=Open {0} in policy editor CPPolicyEditorNotFound=Could not find a system policy file editor. Check that policytool is on your PATH. # Control Panel - Buttons CPButAbout=About... CPButNetworkSettings=Network Settings... CPButSettings=Settings... CPButView=View... CPButCertificates=Certificates... CPButSimpleEditor=Simple editor CPButAdvancedEditor=Advanced editor # Control Panel - Headers CPHead=IcedTea-Web Control Panel CPHeadAbout=\u00a0About\u00a0IcedTea-Web\u00a0 CPHeadNetworkSettings=\u00a0Network\u00a0Proxy\u00a0Settings\u00a0 CPHeadTempInternetFiles=\u00a0Temporary\u00a0Internet\u00a0Files\u00a0 CPHeadJRESettings=\u00a0Java\u00a0Runtime\u00a0Environment\u00a0Settings\u00a0 CPHeadCertificates=\u00a0Certificates\u00a0 CPHeadDebugging=\u00a0Debugging\u00a0Settings\u00a0 CPHeadDesktopIntegration=\u00a0Desktop\u00a0Integrations\u00a0 CPHeadSecurity=\u00a0Security\u00a0Settings\u00a0 CPHeadJVMSettings=\u00a0JVM\u00a0Settings\u00a0 CPHeadPolicy=\u00a0Custom\u00a0Policy\u00a0Settings\u00a0 # Control Panel - Tabs CPTabAbout=About IcedTea-Web CPTabCache=Cache CPTabCertificate=Certificates CPTabClassLoader=Class Loaders CPTabDebugging=Debugging CPTabDesktopIntegration=Desktop Integration CPTabNetwork=Network CPTabRuntimes=Runtimes CPTabSecurity=Security CPTabJVMSettings=JVM Settings CPTabPolicy=Policy Settings # Control Panel - AboutPanel CPAboutInfo=This is the control panel for setting deployments.properties.<br/>Not all options will take effect until implemented.<br/>The use of multiple JREs is currently limited to OpenJDK.<br/> # Control Panel - AdvancedProxySettings APSDialogTitle=Network Settings APSServersPanel=Servers APSProxyTypeLabel=Type APSProxyAddressLabel=Proxy Address APSProxyPortLabel=Proxy Port APSLabelHTTP=HTTP APSLabelSecure=Secure APSLabelFTP=FTP APSLabelSocks=Socks APSSameProxyForAllProtocols=Use the same proxy server for all protocols. APSExceptionsLabel=Exceptions APSExceptionsDescription=Do not use proxy server for addresses beginning with APSExceptionInstruction=Separate each entry with a semicolon. # Control Panel - DebugginPanel CPDebuggingPossibilites=Logging outputs DPEnableLogging=Enable debugging DPEnableLoggingHint=When this switch is on, then also debug messages are logged. Same as -verbose or ICEDTEAPLUGIN_DEBUG=true DPEnableHeaders=Enable headers DPEnableHeadersHint=When this switch is on, each logged message have header with additional information like user, place in code and time DPEnableFile=Enable logging to file CPFilesLogsDestDir=File logs directory CPFilesLogsDestDirResert=Reset to default DPEnableFileHint=output messages will be saved to file in your {0} directory DPEnableStds=Enable logging to standard outputs DPEnableStdsHint=messages will be printed to standard outputs DPEnableSyslog=Enable logging to system logs DPEnableSyslogHint=output messages will be saved to system logs DPDisable=Disable DPHide=Hide on startup DPShow=Show on startup DPShowPluginOnly=Show on plugin startup DPShowJavawsOnly=Show on javaws startup DPJavaConsole=Java Console DPJavaConsoleDisabledHint=Java console is disabled. Use itweb-settings to configure it out of disabled to any show or hide value. # PolicyEditor PEUsage=policyeditor [-file policyfile] PEHelpFlag=Print this message and exit PEFileFlag=Specify a policyfile path to open PECodebaseFlag=Specify (a) codebase URL(s) to add and/or focus in the editor PETitle=Policy Editor PEReadProps=Read system properties PEReadPropsDetail=Allow applets to read system properties such as your username and home directory location PEWriteProps=Write system properties PEWritePropsDetail=Allow applets to (over)write system properties PEReadFiles=Read from local files PEReadFilesDetail=Allow applets to read from files in your home directory PEWriteFiles=Write to local files PEWriteFilesDetail=Allow applets to write to files in your home directory PEDeleteFiles=Delete local files PEDeleteFilesDetail=Allow applets to delete files in your home directory PEReadSystemFiles=Read all system files PEReadSystemFilesDetail=Allow applets read-only access to all locations on your computer PEWriteSystemFiles=Write all system files PEWriteSystemFilesDetail=Allow applets write-only access to all locations on your computer PEReadTempFiles=Read from temp files PEReadTempFilesDetail=Allow applets to read from your temporary files directory PEWriteTempFiles=Write to temp files PEWriteTempFilesDetail=Allow applets to write to your temporary files directory PEDeleteTempFiles=Delete temp files PEDeleteTempFilesDetail=Allow applets to delete files in your temporary files directory PEAWTPermission=Window System Access PEAWTPermissionDetail=Allow applets all AWT windowing system access PEClipboard=Access clipboard PEClipboardDetail=Allow applets to read from and write to your clipboard PENetwork=Access the network PENetworkDetail=Allow applets to establish any network connections PEPrint=Print documents PEPrintDetail=Allow applets to queue print jobs PEPlayAudio=Play sounds PEPlayAudioDetail=Allow applets to play sounds, but not record PERecordAudio=Record audio PERecordAudioDetail=Allow applets to record audio, but not play back PEReflection=Java reflection PEReflectionDetail=Allow applets to access the Java Reflection API PEClassLoader=Get ClassLoader PEClassLoaderDetail=Allow applets to access the system classloader (often used with Reflection) PEClassInPackage=Access other packages PEClassInPackageDetail=Allow applets to access classes from other applet packages (often used with Reflection) PEDeclaredMembers=Access private class data PEDeclaredMembersDetail=Allow applets to access normally hidden data from other Java classes (often used with Reflection) PEAccessThreads=Modify threads PEAccessThreadsDetail=Allow applets to start, stop, and otherwise manage threads PEAccessThreadGroups=Modify threadgroups PEAccessThreadGroupsDetail=Allow applets to start, stop, and otherwise manage thread groups PEExec=Execute commands PEExecDetail=Allow applets to execute system commands PEGetEnv=Get environment variables PEGetEnvDetail=Allow applets to read system environment variables PECouldNotOpen=Unable to open policy file PECouldNotSave=Unable to save policy file PEAddCodebase=Add new Codebase PERemoveCodebase=Remove PECodebasePrompt=Enter a new codebase PEGlobalSettings=All Applets PESaveChanges=Save changes before exiting? PEChangesSaved=Changes saved PECheckboxLabel=Permissions PECodebaseLabel=Codebases PEFileMenu=File PEOpenMenuItem=Open... PESaveMenuItem=Save PESaveAsMenuItem=Save As... PEExitMenuItem=Exit PEViewMenu=View PECustomPermissionsItem=Custom Permissions... PEFileModified=File Modification Warning PEFileModifiedDetail=The policy file at {0} has been modified since it was opened. Reload and re-edit before saving? PEGAccesUnowenedCode = Execute unowned code PEGMediaAccess = Media access PEGrightClick = right click to fold/unfold PEGReadFileSystem = Read to system PEGWriteFileSystem = Write to system # Policy Editor CustomPolicyViewer PECPTitle=Custom Policy Viewer PECPListLabel=Other policies for {0} PECPAddButton=Add PECPRemoveButton=Remove PECPCloseButton=Close PECPType=type PECPTarget=target PECPActions=actions PECPPrompt=Enter a custom permission. Do not include \"permission\" or punctuation marks. # PolicyEditor key mnemonics. See KeyEvent.VK_* # N PEAddCodebaseMnemonic=78 # R PERemoveCodebaseMnemonic=82 # A PEOkButtonMnemonic=65 # C PECancelButtonMnemonic=67 # F PEFileMenuMnemonic=70 # I PEViewMenuMnemonic=73 # O PEOpenMenuItemMnemonic=79 # S PESaveMenuItemMnemonic=83 # A PESaveAsMenuItemMnemonic=65 # X PEExitMenuItemMnemonic=88 # U PECustomPermissionsItemMnemonic=85 #conole itself labels CONSOLErungc = Run GC CONSOLErunFinalizers = Run Finalizers CONSOLErunningFinalizers = Running finalization.... CONSOLEmemoryInfo = Memory Info CONSOLEsystemProperties = System Properties CONSOLEclassLoaders = Available Classloaders CONSOLEthreadList = Thread List CONSOLEthread = Thread CONSOLEnoClassLoaders = No Classloader info exists in system CONSOLEmemoryMax = Max Memory CONSOLEmemoryTotal = Total Memory CONSOLEmemoryFree = Free Memory CONSOLEClean=Clear # console output pane labels COPsortCopyAllDate=sort copy all by date COPshowHeaders=Show headers: COPuser=user COPorigin=origin COPlevel=level COPdate=date COPthread1=thread 1 COPthread2=thread 2 COPShowMessages=Show messages COPstdOut=std. Out COPstdErr=std. Err COPjava=java COPplugin=plugin COPpreInit=pre-init COPpluginOnly=plugin only COPSortBy=Sort by COPregex=Regular expression filter COPAsArrived=As arrived (no sort) COPcode=code COPmessage=message COPSearch=Search COPautoRefresh=auto refresh COPrefresh=refresh COPApply=Apply COPmark=mark COPCopyAllPlain=Copy all (plain) COPCopyAllRich=Copy all (rich) COPnext=next>>> COPprevious=<<<previous COPcaseSensitive=case sensitive COPincomplete=incomplete COPhighlight=highlight COPwordWrap=word wrap COPdebug=debug COPinfo=info COPpostInit=post-init COPcomplete=complete COPmatch=match COPnot=not COPrevert=revert COPitw=IcedTea-Web COPclientApp=Client app. # Control Panel - DesktopShortcutPanel DSPNeverCreate=Never create DSPAlwaysAllow=Always allow DSPAskUser=Ask user DSPAskIfHinted=Ask if hinted DSPAlwaysIfHinted=Always if hinted # Control Panel - NetworkSettingsPanel NSDescription-1=Unknown Setting. NSDescription0=Use direct connection. NSDescription1=Override browser proxy settings. NSDescription2=Use automatic proxy configuration script at the specified location. NSDescription3=Use proxy settings from your default browser to connect to the internet. NSAddress=Address NSPort=Port NSAdvanced=Advanced NSBypassLocal=Bypass proxy server for local addresses NSDirectConnection=Direct connection NSManualProxy=Manual proxy server NSAutoProxy=Automatic proxy configuration script NSBrowserProxy=Use browser settings NSScriptLocation=Script location # Control Panel - SecurityGeneralPanel SGPAllowUserGrantSigned=Allow users to grant permissions to signed content SGPAllowUserGrantUntrust=Allow users to grant permissions to content from an untrusted authority SGPUseBrowserKeystore=Use certificates and keys in browser keystore (Unsupported) SGPUsePersonalCertOneMatch=Use personal certificate automatically if only one matches server request (Unsupported) SGPWarnCertHostMismatch=Warn if site certificate does not match hostname SGPShowValid=Show site certificate even if it is valid (Unsupported) SGPShowSandboxWarning=Show sandbox warning banner SGPAllowUserAcceptJNLPSecurityRequests=Allow user to accept JNLP security requests SGPCheckCertRevocationList=Check certificates for revocation using Certificate Revocation Lists (CRLs) (Unsupported) SGPEnableOnlineCertValidate=Enable online certificate validation (Unsupported) SGPEnableTrustedPublisherList=Enable list of trusted publishers (Unsupported) SGPEnableBlacklistRevocation=Enable blacklist revocation check (Unsupported) SGPEnableCachingPassword=Enable caching password for authentication (Unsupported) SGPUseSSL2=Use SSL 2.0 compatible ClientHello format (Unsupported) SGPUseSSL3=Use SSL 3.0 (Unsupported) SGPUseTLS1=Use TLS 1.0 (Unsupported) # Control Panel - TemporaryInternetFilesPanel TIFPEnableCache=Keep temporary files on my computer TIFPLocation=\u00a0Location\u00a0 TIFPLocationLabel=Select the location where temporary files are kept TIFPChange=Change TIFPDiskSpace=\u00a0Disk\u00a0space\u00a0 TIFPCompressionLevel=Select the compression level for JAR files TIFPNone=None TIFPMax=Max TIFPCacheSize=Set the amount of disk space for storing temporary files (MB) TIFPDeleteFiles=Delete files TIFPViewFiles=View files... TIFPFileChooserChooseButton=Choose # Control Panel - Cache Viewer CVCPDialogTitle=Cache Viewer CVCPButRefresh=Refresh CVCPButDelete=Delete CVCPCleanCache=Purge CVCPCleanCacheTip=Some errors may be caused by old files in your cache. Before submitting the bug, you may clear cache and try to run application again. \\\n You can clear cache by javaws -Xclearcache or via itw-settings Cache -> View files -> Purge CVCPColLastModified=Last Modified CVCPColSize=Size (Bytes) CVCPColDomain=Domain CVCPColType=Type CVCPColPath=Path CVCPColName=Name # Control Panel - Misc. CPJRESupport=IcedTea-Web currently does not support the use of multiple JREs. CPInvalidPort=Invalid port number given.\n[Valid port numbers are 1-65535] CPInvalidPortTitle=Error on input. # command line control panel CLNoInfo=No information avaiable (is this a valid option?). CLValue=Value: {0} CLValueSource=Source: {0} CLDescription=Description: {0} CLUnknownCommand=Unknown command {0} CLUnknownProperty=Unknown property-name "{0}" CLWarningUnknownProperty=WARNING: Unknown property name "{0}" - creating new property CLNoIssuesFound=No issues found. CLIncorrectValue=Property "{0}" has incorrect value "{1}". Possible values {2}. CLListDescription=Shows a list of all property names and values that are in use by IcedTea-Web CLGetDescription=Shows the value for property-name CLSetDescription=Sets the property-name to value if possible. The value is checked for being valid. If the administrator has locked the property, this will have no effect CLResetDescription=Resets the value for property-name to it\'s default value.\nall resets all properties recognized by IcedTea-Web to their default value. CLInfoDescription=Shows more information about the given property CLCheckDescription=Shows any properties that have been defined but are not recognized by IcedTea-Web CLHelpDescription=The itweb-settings tool allows a user to modify, view and check configuration.\nTo use the GUI, do not pass any arguments. To use the CLI mode, pass in the approrpiate command and parameters. For help with a particular command, try: {0} command help # splash screen related SPLASHerror = Click here for details. An exception has occurred. SPLASH_ERROR = ERROR SPLASHtitle = Title SPLASHvendor = Vendor SPLASHhomepage = Homepage SPLASHdescription = Description SPLASHClose= Close SPLASHclosewAndCopyException = Close and copy the stack trace to clipboard SPLASHexOccured = An exception has occurred... SPLASHHome = Home SPLASHcantCopyEx = Can not copy exception SPLASHnoExRecorded = No exception recorded SPLASHmainL1 = For even more information you can visit {0} and follow the steps described there on how to obtain necessary information to file bug SPLASHurl = http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs SPLASHurlLooks = http://icedtea.classpath.org/wiki/IcedTea-Web SPLASHmainL3 = No further information available, try to launch the browser from the command line and examine the output. SPLASHcloseAndCopyShorter = Close and copy to clipboard SPLASHmainL4 = The folloing exception has occured. For more information, try to launch the browser from the command line and examine the output. SPLASHmainL2 = Additional information may be available in the console or logs. Even more information is available if debugging is enabled. SPLASHexWas = Exception was: SPLASHcfl = Can't follow link to SPLASHvendorsInfo = Information from vendor of your application SPLASHanotherInfo = Another available info SPLASHdefaultHomepage = Unspecified homepage, verify source rather SPLASHerrorInInformation = Error during loading of information element, verify source rather SPLASHmissingInformation = Information element is missing, verify source rather SPLASHchainWas = This is the list of exceptions that occurred launching your applet. Please note, those exceptions can originate from multiple applets. For a helpful bug report, be sure to run only one applet. CBCheckFile = The application is a local file. Codebase validation is disabled. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckNoEntry = This application does not specify a Codebase in its manifest. Please verify with the applet's vendor. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckUnsignedPass = Codebase matches codebase manifest attribute, but application is unsigned. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckUnsignedFail= The application's codebase does NOT match the codebase specified in its manifest, but the application is unsigned. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckOkSignedOk = Codebase matches codebase manifest attribute, and application is signed. Continuing. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckSignedAppletDontMatchException = Signed applets are not allowed to run when their actual Codebase does not match the Codebase specified in their manifest. Expected: {0}. Actual: {1}. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. CBCheckSignedFail = Application Codebase does NOT match the Codebase specified in the application's manifest, and this application is signed. You are strongly discouraged from running this application. See: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html for details. APPEXTSECappletSecurityLevelExtraHighId=Disable running of all Java applets APPEXTSECappletSecurityLevelVeryHighId=Very High Security APPEXTSECappletSecurityLevelHighId=High Security APPEXTSECappletSecurityLevelLowId=Low Security APPEXTSECappletSecurityLevelExtraHighExplanation=No applet will be run APPEXTSECappletSecurityLevelVeryHighExplanation=No unsigned applets will be run APPEXTSECappletSecurityLevelHighExplanation=User will be prompted for each unsigned applet APPEXTSECappletSecurityLevelLowExplanation=All, even unsigned, applets will be run APPEXTSECunsignedAppletActionAlways=Always trust this (matching) applet(s) APPEXTSECunsignedAppletActionNever=Never trust this (matching) applet(s) APPEXTSECunsignedAppletActionYes=This applet was visited and allowed APPEXTSecunsignedAppletActionSandbox=This applet was visited and allowed to run with restricted privileges APPEXTSECunsignedAppletActionNo=This applet was visited and denied APPEXTSECControlPanelExtendedAppletSecurityTitle=Extended applet security APPEXTSECguiTableModelTableColumnAction=Action APPEXTSECguiTableModelTableColumnDateOfAction=Date of action APPEXTSECguiTableModelTableColumnDocumentBase=Document-base APPEXTSECguiTableModelTableColumnCodeBase=Code-base APPEXTSECguiTableModelTableColumnArchives=Archives APPEXTSECguiPanelAppletInfoHederPart1={0} {1} APPEXTSECguiPanelAppletInfoHederPart2={0} from {1} APPEXTSECguiPanelConfirmDeletionOf=Are you sure you want to delete following {0} items APPEXTSECguiPanelHelpButton=Help APPEXTSECguiPanelSecurityLevel=Security Level APPEXTSECguiPanelGlobalBehaviourCaption=Settings of global behavior for applets APPEXTSECguiPanelDeleteMenuSelected=selected APPEXTSECguiPanelDeleteMenuAllA=all allowed (A) APPEXTSECguiPanelDeleteMenuAllN=all forbidden (N) APPEXTSECguiPanelDeleteMenuAlly=all approved (y) APPEXTSECguiPanelDeleteMenuAlln=all rejected (n) APPEXTSECguiPanelDeleteMenuAllAll=absolute all APPEXTSECguiPanelDeleteButton=Delete APPEXTSECguiPanelDeleteButtonToolTip=You can press delete key during browsing the table. It will act as delete selected APPEXTSECguiPanelTestUrlButton=Test url APPEXTSECguiPanelAddRowButton=Add new row APPEXTSECguiPanelValidateTableButton=Validate table APPEXTSECguiPanelAskeforeActionBox=Ask me before action APPEXTSECguiPanelShowRegExesBox=Show full regular expressions APPEXTSECguiPanelInverSelection=Invert selection APPEXTSECguiPanelMoveRowUp=Move row up APPEXTSECguiPanelMoveRowDown=Move row down APPEXTSECguiPanelCustomDefs=User definitions APPEXTSECguiPanelGlobalDefs=System definitions APPEXTSECguiPanelDocTest=Type document base URL APPEXTSECguiPanelCodeTest=Type code base URL APPEXTSECguiPanelNoMatch=Nothing matched APPEXTSECguiPanelMatchingNote=Please note, that only first matched result will be considered as result. APPEXTSECguiPanelMatched=Matched APPEXTSECguiPanelMatchingError=Error during matching: {0} APPEXTSECguiPanelCanNotValidate=Can not validate, can not create tmp file - {0} APPEXTSECguiPanelEmptyDoc=All document-bases must be full APPEXTSECguiPanelEmptyCode=All code-bases must be full APPEXTSECguiPanelTableValid=Table looks valid APPEXTSECguiPanelTableInvalid=Invalid with following error: {0} APPEXTSECguiPanelShowOnlyPermanent=Show only permanent records APPEXTSECguiPanelShowOnlyTemporal=Show only previously temporarily decided records APPEXTSECguiPanelShowAll=Show all records APPEXTSECguiPanelShowOnlyPermanentA=Show only allowed permanent records APPEXTSECguiPanelShowOnlyPermanentN=Show only forbidden permanent records APPEXTSECguiPanelShowOnlyTemporalY=Show previously allowed applets records APPEXTSECguiPanelShowOnlyTemporalN=Show previously denied applets records APPEXTSEChelpHomeDialogue=Dialogue APPEXTSEChelp=<body> \ <h1>Help for Extended applet security - itw-settings, files and structures, dialogue</h1> \ <p> \ Extended Applet Security refers to security features for unsigned applets. Traditionally, only signed applets required user confirmation and unsigned applets ran automatically. This is represented by the 'low security' setting. Unsigned applets must be allowed or disallowed individually on 'high security' (the default), and additionally do not run at all on 'very high security'. In theory, unsigned applets can safely run automatically. In practice, however, any vulnerability in the Java security sandbox will prevent this from being true. \ </p> \ <p> \ To do so it uses the <b>Security Level</b> main settings switch rules in the tables of <b>Custom definitions</b> and <b>Global definitions</b><br/> \ You can read much more about development of (and help us to improve!) this feature at <a href="http://icedtea.classpath.org/wiki/Extended_Applets_Security">dedicated IcedTea-Web page</a> \ </p> \ <A name="level"><h2>Security Level</h2></A> \ <p> \ Its a main switch for "extended applet security". Its value is commonly stored in usrs_home/.icedtea/deployment.properties, but can be enforced via global settings in /etc/.java/deployment/deployment.properties or JAVA_HOME/lib/deployment.properties under the key <b>deployment.security.level</b><br/> \ <li/><b>Disable running of all Java applets</b> - stored as <i>DENY_ALL</i> - No applet will be run<br/> \ <blockquote cite="" > \ No applet will be allowed to run. However the Java virtual machine will always be executed (and an error screen with reason appear instead of applets). To disable Java completely you can uninstall IcedTea-Web or disable it in your browser (if supported). The tables with records are of course ignored. \ </blockquote> \ <li/><b>Very High Security</b> - stored as <i>DENY_UNSIGNED</i> - No unsigned applets will be run<br/> \ <blockquote cite="" > \ No applet <b>unsigned</b> will be allowed to run (and an error screen with reason will appear instead of such applets). The tables with records are of course again ignored. \ </blockquote> \ <li/><b>High Security</b> - stored as <i>ASK_UNSIGNED</i> - User will be prompted for each unsigned applet<br/> \ <blockquote cite="" > \ All <b>unsigned</b> applets will be tested against the tables below if they should be allowed or forbidden to run. If they are not matched in the table then the user is prompted and the decision is stored in <a href="#table">tables</a> below. If the user denies the applet, an error screen with reason appears and the applet does not run. If the user allows applets to run, the user can choose to save this decision and whether to allow just one applet or a whole group of applets (see <a href="#dialogue"><b>Dialogue</b> paragraph </a>below). \ <br/>This is default behavior. \ </blockquote> \ <li/><b>Low Security</b> - stored as <i>ALLOW_UNSIGNED</i> - All, even unsigned, applets will be run<br/> \ <blockquote cite="" > \ All applets <b>even unsigned</b> will be allowed to run. User will not be warned and the tables with records are of course again ignored. \ </blockquote> \ You need to press <b>ok</b> or <b>apply</b> button to make the changes take effect. \ </p> \ \ \ <h2><A name="table">Table with recorded actions</A></h2> \ <p> \ <h4>Custom x Global table</h4> \ After each action in <b>High Security</b> dialogue the record is added to, or updated in, the table or configuration file. Commonly in users file - home/.icedtea/.appletTrustSettings - "Custom definition" panel.<br/> \ But superuser can specify default behavior in /etc/.java/deployment/ .appletTrustSettings - "Global definition" panel.<br/> \ <h4>"Syntax"</h4> \ <li/><b>Action</b> - Desired behavior when applet is matched<br/> \ <blockquote cite="" > \ <li/><b>Always trust this applet</b> - This unsigned applet will always be run in High Security Security Level. It is stored as <i>A</i> in .appletTrustSettings<br/> \ <li/><b>Never trust this applet</b> - This unsigned applet will never be run in High Security Security Level. It is stored as <i>N</i> in .appletTrustSettings<br/> \ <li/><b>Visited and allowed</b> - When the user is asked about this applet again, a note that this applet was already trusted in past will be displayed. It is stored as <i>y</i> in .appletTrustSettings<br/> \ <li/><b>Visited and denied</b> - When user will be asked about this applet again, he will see information that this applet was already denied in past. It is stored as <i>n</i> in .appletTrustSettings<br/> \ </blockquote> \ <li/><b>Date</b> - date of last action on this item (read only item)<br/> \ <li/><b>Document base</b> - is the page from which the applet was requested. It is actually a regular expression to match a specific URL. See about regular expressions and their usage <a href="#regexes">lower</a><br/> \ <li/><b>Code base</b> - is the URL where an applets code came from. It is actually a regular expression to match a specific URL. See about regular expressions and their usage <a href="#regexes">lower</a><br/> \ <li/><b>Archives</b> - coma separated list of archives with applet's code. Can be empty if source code are just classes or group of applets is allowed<br/> \ <br/> \ When you change a value in the table, its effect is immediate. \ <h4>Controls of tables</h4> \ <p> \ <li/><b>Delete</b> - deletes items as specified in combo box on side<br/> \ <blockquote cite="" > \ <li/><b>selected</b> - removes all selected items. Key <b>Del</b> does the same. Default behavior. <b>Multiple selections</b> allowed. Selection can be inverted by button even more on side<br/> \ <li/><b>all allowed (A)</b> - removes all permanently trusted records<br/> \ <li/><b>all forbidden (N)</b> - removes all permanently forbidden records<br/> \ <li/><b>all approved (y)</b> - removes all previously (temporarily) trusted records<br/> \ <li/><b>all rejected (n)</b> - removes all previously (temporarily) denied records<br/> \ <li/><b>all</b> - will clear the table<br/> \ <br/> \ <b>Ask me before action</b> - switch to ask before each deletion (in bulk) or not to ask. Asking dialogue can be pretty long, so if you do not see the buttons, just press <b>Esc</b> \ </blockquote> \ <li/><b>Show full regular expressions</b> - Disable or Enable filtering of quotation marks \Q\E in code/document base columns. About regular expressions see more <a href="#regexes">lower</a><br/> \ <br/> \ <li/>Filtering in table(s)<br/> \ <blockquote cite="" > \ <li/><b>Show only permanent records</b> - Shows only permanently allowed <b>(A)</b> or denied <b>(N)</b> records. Default behavior<br/> \ <li/><b>Show only temporarily decided records</b> - Shows only once allowed <b>(y)</b> or denied <b>(n)</b> informative records.<br/> \ <li/><b>Show only permanently allowed records</b> - Shows only permanently allowed <b>(A)</b> records<br/> \ <li/><b>Show only permanently denied records</b> - Shows only permanently denied <b>(N)</b> records<br/> \ <li/><b>Show only temporarily allowed records</b> - Shows only once allowed <b>(y)</b> informative records.<br/> \ <li/><b>Show only temporarily denied records</b> - Shows only once denied <b>(n)</b> informative records.<br/> \ </blockquote> \ </p> \ <li/><b>Add new row</b> - will add new, exemplary filled, row with current date and empty archives <br/> \ <li/><b>Validate table</b> - will test if table can save, load, and if each value is valid:<br/> \ <blockquote cite="" > \ <li/><b>Action</b> - is one of A,N,y,n<br/> \ <li/><b>Date</b> - is valid date<br/> \ <li/><b>Code base and document base</b> - are valid <a href="#regexes">regular expressions</a> or empty<br/> \ <li/><b>Archives</b> - coma separated list of archives or empty<br/> \ </blockquote> \ <li/><b>Test url</b> - In two dialogues (in two steps) will let you enter document base and codebase, and then try to match them against all records. All matching items are returned! Last values are remembered> \ <li/><b>Move row down/up</b><br/> \ <blockquote cite="" > \ Order of rows is important. First matched result is returned (permanent have priority). So you can prioritize your matches using these buttons. <br/> \ For example, if you \Qhttp://blogs.com/\E.* regular expression to allow all applets on http://blogs.com, then it must be AFTER your \Qhttp://blogs.com/evilJohn\E.* regular expression forbidding all applets from blog of hacker evilJohn. \ </blockquote> \ </p> \ <p> \ <h2><A name="dialogue">Dialogue</A></h2> \ If <a href="#level"><b>High Security</b></a> is set, and a new unsigned applet is hit then the dialogue is shown asking you to allow it or deny it. You can also <b>choose</b> if you want to allow or deny this applet <b>every-time</b> (A or N) you encounter it or for <b>just one run</b> (y,n).<br/> \ You can also select to trust or deny (again temporarily or permanently) <b>all</b> the applets from <b>same, exact, codebase</b>. If you are visiting one page, which has various applets on various documents then this is a choice for you.<br/> \ If you decide not to allow remembering your decision, then just a temporary record is made. If you revisit a page, a small green or red label will inform you about your last decision.<br/> \ Once you select <b>remember</b> your decision, the dialog will <b>never appear again</b>. But you can <b>edit</b> your decision in <b>itw-settings application <a href="#table">table</a></b> (packed with IcedTea-Web). If you change your decision to temporary one (n,y) or delete its row, the dialogue will appear again. Of course you can switch also from Always to Never or vice versa. \ <br/> \ The dialogue always mentions the page on which an applet is displayed, and the URL from which it comes. There is also a hint, if you have ever visited this applet saying if you have allowed or rejected it in the past <br/> \ <blockquote cite="" > \ <h3>Controls</h3> \ <blockquote cite="" > \ <li/><b>Remember this option</b> - If set, then dialogue will never be shown for this applet or page again. \ <blockquote cite="" > \ <li/><b>For applet</b> - Exact applet will be allowed or denied \ <li/><b>For site</b> - All applets from this place will be allowed or denied \ </blockquote> \ <li/><b>Proceed</b> - Applets, as selected above will be allowed \ <li/><b>Cancel</b> - Applets, as selected above will be forbidden \ </blockquote> \ Be aware to "proceed" + "Remember this option" + "For site" on pages you do not know! It can make you vulnerable! \ </blockquote> \ </p> \ <p> \ <h2><A name="regexes">Regular expressions</A></h2> \ IcedTea-Web extended applet security - uses a powerful matching engine to match exact (sets of) applets. Base stone is <b>Quotation</b> of URL \Q\E and <b>wildchars</b> llike .* or .? or more.<br/> \ This was designed to suits the need to block or allow exact pages. The best is to show some examples:<br/> \ N 12.12.2012 .* \Qhttp://blogs.com/evilJohn\E.* <br/> \ N 12.12.2012 \Qhttp://blogs.com/goodJohn/evilApplet.html\E.* \Qhttp://blogs.com/goodJohn/\E goodJohnsArchive.jar <br/> \ A 12.12.2012 \Qhttp://blogs.com/\E.* \Qhttp://blogs.com/\E.* <br/> \ N 12.12.2012 .* \Qhttp://adds.com\E.* <br/> \ Y 12.12.2012 .* \Qhttp://www.walter-fendt.de/ph14_jar/\E <br/> \ <br/> \ <i>So this table, created 12.12.2012:<br/></i> \ <li/>Forbid all stuff which have some code on http://blogs.com/evilJohn pages<br/> \ <li/>Forbidding also one exact applet from http://blogs.com/goodJohn/ with archive goodJohnsArchive.jar<br/> \ <li/>Allowing all (other) applets from http://blogs.com/ but only when displayed also on http://blogs.com/<br/> \ <li/>Forbidding all applets with code saved on http://adds.com (except on http://blogs.com/ - to have forbidden http://adds.com also on http://blogs.com/, this (http://adds.com) record must be above blogs record)<br/> \ <li/>And finally allowing all nice physical applets on walter-fendt's pages <br/> \ <br/> \ Note - the date saved in .appletTrustSettings has a not so nice format, but I left this for now...<br/> \ <br/> \ All information about full regular expression syntax can be found on <a href="http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html">http://docs.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html</a> \ </p> \ <h2>Conclusion</h2> \ <p> \ Stay tuned to our homepage at <a href="http://icedtea.classpath.org/wiki/IcedTea-Web">http://icedtea.classpath.org/wiki/IcedTea-Web</a>!<br/> \ If you encounter any bug, feel free to file it in our <a href="http://icedtea.classpath.org/bugzilla/">bugzilla</a> ... According to <a href="http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs">http://icedtea.classpath.org/wiki/IcedTea-Web#Filing_bugs</a><br/> \ <br/> \ Safe browsing from your IcedTea-Web team... \ </p> \ </body> \