Mercurial > hg > release > icedtea-web-1.5
changeset 948:80e5a57863e2
Fixed ManifestsAttributeValidator and RunInSandbox
author | Andrew Azores <aazores@redhat.com> |
---|---|
date | Mon, 24 Mar 2014 14:08:17 -0400 |
parents | c0845e58bfba |
children | d0069afaeaff |
files | ChangeLog netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java |
diffstat | 2 files changed, 13 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Mon Mar 24 17:04:51 2014 +0100 +++ b/ChangeLog Mon Mar 24 14:08:17 2014 -0400 @@ -1,3 +1,8 @@ +2014-03-24 Andrew Azores <aazores@redhat.com> + + * netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java: + (checkTrustedOnlyAttrubute) works properly with sandboxing + 2014-03-24 Jiri Vanek <jvanek@redhat.com> Client applications now log into new console.
--- a/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 17:04:51 2014 +0100 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestsAttributesValidator.java Mon Mar 24 14:08:17 2014 -0400 @@ -102,16 +102,21 @@ securityType = "Unknown"; } - final boolean isFullySigned = signing == SigningState.FULL || (signing == SigningState.PARTIAL && securityDelegate.getRunInSandbox()); + final boolean isFullySigned = signing == SigningState.FULL; + final boolean isSandboxed = securityDelegate.getRunInSandbox(); + final boolean requestsCorrectPermissions = (isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc)) + || (isSandboxed && SecurityDesc.SANDBOX_PERMISSIONS.equals(desc)); final String signedMsg; - if (isFullySigned) { + if (isFullySigned && !isSandboxed) { signedMsg = "The applet is fully signed"; + } else if (isFullySigned && isSandboxed) { + signedMsg = "The applet is fully signed and sandboxed"; } else { signedMsg = "The applet is not fully signed"; } OutputController.getLogger().log(OutputController.Level.MESSAGE_DEBUG, "Trusted Only manifest attribute is \"true\". " + signedMsg + " and requests permission level: " + securityType); - if (!(isFullySigned && SecurityDesc.ALL_PERMISSIONS.equals(desc))) { + if (!(isFullySigned && requestsCorrectPermissions)) { throw new LaunchException(Translator.R("STrustedOnlyAttributeFailure", signedMsg, securityType)); } }