Mercurial > hg > release > icedtea-web-1.5
changeset 981:80e5f17e3bbc
All manifest attributes can be disabled
* netx/net/sourceforge/jnlp/config/Defaults.java: added new KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK configuration.
* netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java: Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK key
* netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: (isCheckEnabled) new method to check value of KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK (checkAll) is testing isCheckEnabled before checking individual attributes.
author | Jiri Vanek <jvanek@redhat.com> |
---|---|
date | Mon, 14 Apr 2014 15:20:30 +0200 |
parents | 854acffa0c99 |
children | 72e24f635c8b |
files | ChangeLog netx/net/sourceforge/jnlp/config/Defaults.java netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java |
diffstat | 4 files changed, 36 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Mon Apr 07 10:29:02 2014 -0400 +++ b/ChangeLog Mon Apr 14 15:20:30 2014 +0200 @@ -1,3 +1,14 @@ +2014-04-14 Jiri Vanek <jvanek@redhat.com> + + All manifest attributes can be disabled + * netx/net/sourceforge/jnlp/config/Defaults.java: added new + KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK configuration. + * netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java: + Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK key + * netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java: + (isCheckEnabled) new method to check value of KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK + (checkAll) is testing isCheckEnabled before checking individual attributes. + 2014-04-07 Andrew Azores <aazores@redhat.com> * netx/net/sourceforge/jnlp/security/SecurityDialogs.java:
--- a/netx/net/sourceforge/jnlp/config/Defaults.java Mon Apr 07 10:29:02 2014 -0400 +++ b/netx/net/sourceforge/jnlp/config/Defaults.java Mon Apr 14 15:20:30 2014 +0200 @@ -428,6 +428,12 @@ DeploymentConfiguration.KEY_JRE_DIR, null, null + }, + //enable manifest-attributes checks + { + DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, + BasicValueValidators.getBooleanValidator(), + String.valueOf(true) } };
--- a/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java Mon Apr 07 10:29:02 2014 -0400 +++ b/netx/net/sourceforge/jnlp/config/DeploymentConfiguration.java Mon Apr 14 15:20:30 2014 +0200 @@ -173,6 +173,11 @@ public static final String KEY_ENABLE_LOGGING_TOFILE = "deployment.log.file"; public static final String KEY_ENABLE_LOGGING_TOSTREAMS = "deployment.log.stdstreams"; public static final String KEY_ENABLE_LOGGING_TOSYSTEMLOG = "deployment.log.system"; + + /* + * manifest check + */ + public static final String KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK = "deployment.manifest.attributes.check"; /** * Console initial status.
--- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Mon Apr 07 10:29:02 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java Mon Apr 14 15:20:30 2014 +0200 @@ -49,6 +49,7 @@ import net.sourceforge.jnlp.PluginBridge; import net.sourceforge.jnlp.ResourcesDesc; import net.sourceforge.jnlp.SecurityDesc; +import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.runtime.JNLPClassLoader.SecurityDelegate; import net.sourceforge.jnlp.runtime.JNLPClassLoader.SigningState; import net.sourceforge.jnlp.security.SecurityDialogs; @@ -74,10 +75,19 @@ } void checkAll() throws LaunchException { - checkTrustedOnlyAttribute(); - checkCodebaseAttribute(); - checkPermissionsAttribute(); - checkApplicationLibraryAllowableCodebaseAttribute(); + if (isCheckEnabled()) { + checkTrustedOnlyAttribute(); + checkCodebaseAttribute(); + checkPermissionsAttribute(); + checkApplicationLibraryAllowableCodebaseAttribute(); + } else { + OutputController.getLogger().log("Checking for attributes in manifest is disabled."); + } + } + + public static boolean isCheckEnabled() { + String value = JNLPRuntime.getConfiguration().getProperty(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK); + return Boolean.parseBoolean(value); } /**