Mercurial > hg > release > icedtea-web-1.5

changeset 1043:f45e2b0ee174

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
application-library-allowable-codebase dialog made available for unsigned apps
author Jiri Vanek <jvanek@redhat.com>
date Tue, 08 Sep 2015 15:02:10 +0200
parents a7ed0ba86302
children b668c06dcb36
files ChangeLog netx/net/sourceforge/jnlp/resources/Messages.properties netx/net/sourceforge/jnlp/resources/Messages_cs.properties netx/net/sourceforge/jnlp/resources/Messages_de.properties netx/net/sourceforge/jnlp/resources/Messages_pl.properties netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java
diffstat 8 files changed, 144 insertions(+), 28 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Mon Jul 20 16:06:29 2015 +0200
+++ b/ChangeLog	Tue Sep 08 15:02:10 2015 +0200
@@ -1,3 +1,24 @@
+2015-09-01  Jiri Vanek  <jvanek@redhat.com>
+
+	application-library-allowable-codebase dialog made available for unsigned apps
+	* netx/net/sourceforge/jnlp/resources/Messages.properties: (ALACAMissingMainTitle)
+	added warning about possible consequences of  resources out of docbase.
+	(ALACAMatchingMainTitle) the red higlights changed to green and added calming
+	words about it.
+	* netx/net/sourceforge/jnlp/resources/Messages_cs.properties: same
+	* netx/net/sourceforge/jnlp/resources/Messages_de.properties: same
+	* netx/net/sourceforge/jnlp/resources/Messages_pl.properties: adapted to red
+	to green recoloring
+	* netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java:
+	(checkApplicationLibraryAllowableCodebaseAttribute) removed  return for in case
+	of unsigned app. Fixed check for all matching resources against codebase and docbase
+	If app is unsigned, then value in manifest is ignored. Missing alaca required
+	also in low security mode
+	* tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java:
+	new file to test stripDocbase.
+	* netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java
+	removed not working checkbox for rembering the action.
+
 2015-07-20  Jiri Vanek  <jvanek@redhat.com>
 
 	Tuned permissions attribute behavior for unsigned jnlps
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Tue Sep 08 15:02:10 2015 +0200
@@ -66,7 +66,7 @@
 ALACAMissingMainTitle=The application <span color='red'> {0} </span> \
 from <span color='red'> {1} </span> uses resources from the following remote locations: \
 {2} \
-Are you sure you want to run this application?
+Be very careful when application is loading from different space then you expect. Are you sure you want to run this application?
 ALACAMissingInfo=For more information see:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
 JAR File Manifest Attributes</a> <br/> \
@@ -74,9 +74,9 @@
 Preventing the Repurposing of an Application</a>
 
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=The application <span color='red'> {0} </span> \
-from <span color='red'> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
-Are you sure you want to run this application?
+ALACAMatchingMainTitle=The application <span color=''green''> {0} </span> \
+from <span color=''green''> {1} </span> uses resources from the following remote locations:<br/>{2} <br/> \
+They looks ok. Are you sure you want to run this application?
 ALACAMatchingInfo=For more information you can visit:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library"> \
 JAR File Manifest Attributes</a> <br/> \
--- a/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_cs.properties	Tue Sep 08 15:02:10 2015 +0200
@@ -62,7 +62,7 @@
 Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed</a>
 
 # missing Application-Library-Allowable-Codebase dialogue
-ALACAMissingMainTitle=Aplikace <span color='red'> {0} </span> z <span color='red'> {1} </span> postr\u00e1d\u00e1 atribut \u201eapplication-library-allowable-codebase\u201c. Tato aplikace pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edho vzd\u00e1len\u00e9ho um\u00edst\u011bn\u00ed:<br/> {2} Skute\u010dn\u011b chcete spustit tuto aplikaci?
+ALACAMissingMainTitle=Aplikace <span color="red"> {0} </span> z <span color="red"> {1} </span> pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:{2}. Bu\u010fte velmi opatrn\u00ed pokud jde o k\u00f3d z neo\u010dek\u00e1van destinace. Ur\u010dit\u011b chcete spustit tuto aplikaci?
 ALACAMissingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
 Atributy Manifestu souboru JAR</a> <br/>\
@@ -70,7 +70,7 @@
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html">\
 Zabr\u00e1n\u011bn\u00ed zneu\u017e\u00edv\u00e1n\u00ed aplikac\u00ed</a>
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Aplikace <span color='red'> {0} </span> z <span color='red'> {1} </span> vy\u017eaduje platn\u00e9 zdroje z r\u016fzn\u00fdch um\u00edst\u011bn\u00ed:<br/>{2} <br/> Na\u010dten\u00ed t\u011bchto zdroj\u016f se o\u010dek\u00e1v\u00e1. Souhlas\u00edte se spu\u0161t\u011bn\u00edm t\u00e9to aplikace?
+ALACAMatchingMainTitle=Aplikace <span color="green"> {0} </span> z <span color="green"> {1} </span> pou\u017e\u00edv\u00e1 zdroje z n\u00e1sleduj\u00edc\u00edch vzd\u00e1len\u00fdch um\u00edst\u011bn\u00ed:<br/>{2}.<br/> Zdroje se zdaj\u00ed v po\u0159\u00e1dku. Chcete spustit tuto aplikaci?
 ALACAMatchingInfo=Chcete-li z\u00edskat v\u00edce informac\u00ed, nav\u0161tivte n\u00e1sleduj\u00edc\u00ed weby:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
 Atributy Manifestu souboru JAR</a> <br/>\
--- a/netx/net/sourceforge/jnlp/resources/Messages_de.properties	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_de.properties	Tue Sep 08 15:02:10 2015 +0200
@@ -77,10 +77,10 @@
 Preventing the Repurposing of an Application</a>
 
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Die Anwendung \u201e<span color=\"red\">{0}</span>\u201c \
-mit der Codebasis \u201e<span color="red">{1}</span>\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:<br/>\
+ALACAMatchingMainTitle=Die Anwendung \u201e<span color=\"green\">{0}</span>\u201c \
+mit der Codebasis \u201e<span color="green">{1}</span>\u201c l\u00e4dt die folgenden Ressourcen von einer fremden Dom\u00e4ne:<br/>\
 {2}<br/>\
-Soll diese Anwendung wirklich ausgef\u00fchrt werden?
+Es ist richtig. Soll diese Anwendung wirklich ausgef\u00fchrt werden?
 ALACAMatchingInfo=Um weitere Informationen zu erhalten siehe:<br/>\
 <a href="http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library">\
 JAR File Manifest Attributes</a><br/>\
--- a/netx/net/sourceforge/jnlp/resources/Messages_pl.properties	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages_pl.properties	Tue Sep 08 15:02:10 2015 +0200
@@ -76,8 +76,8 @@
 Preventing the Repurposing of an Application</a>
 
 # matching Application-Library-Allowable-Codebase dialogue
-ALACAMatchingMainTitle=Aplikacja \u201e<span color="red">{0}</span>\u201d \
-z \u201e<span color="red">{1}</span>\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:<br/>\
+ALACAMatchingMainTitle=Aplikacja \u201e<span color="green">{0}</span>\u201d \
+z \u201e<span color="green">{1}</span>\u201d pobiera zasoby z nast\u0119puj\u0105cych obcych lokalizacji:<br/>\
 {2}<br/>\
 Czy na pewno chcesz uruchomi\u0107 t\u0105 aplikacj\u0119?
 ALACAMatchingInfo=Wi\u0119cej informacji uzyskasz na:<br/>\
--- a/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/runtime/ManifestAttributesChecker.java	Tue Sep 08 15:02:10 2015 +0200
@@ -36,6 +36,7 @@
  */
 package net.sourceforge.jnlp.runtime;
 
+import java.net.MalformedURLException;
 import java.net.URL;
 import java.util.HashSet;
 import java.util.Set;
@@ -246,9 +247,6 @@
     }
 
     private void checkApplicationLibraryAllowableCodebaseAttribute() throws LaunchException {
-        if (signing == SigningState.NONE) {
-            return; /*when app is not signed at all, then skip this check*/
-        }
         //conditions
         URL codebase = file.getCodeBase();
         URL documentBase = null;
@@ -300,19 +298,32 @@
             return;
         }
 
-        if (usedUrls.size() == 1) {
-            if (UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], codebase)
-                    && UrlUtils.equalsIgnoreLastSlash(usedUrls.toArray(new URL[0])[0], documentBase)) {
-                //all resoources are from codebase or document base. it is ok to proceeed.
-                OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
-                return;
+
+        boolean allOk = true;
+        for (URL u : usedUrls) {
+            if (UrlUtils.equalsIgnoreLastSlash(u, codebase)
+                    && UrlUtils.equalsIgnoreLastSlash(u, stripDocbase(documentBase))) {
+                OutputController.getLogger().log("OK - "+u.toExternalForm()+" is from codebase/docbase.");
+            } else {
+                allOk = false;
+                OutputController.getLogger().log("Warning! "+u.toExternalForm()+" is NOT from codebase/docbase.");
             }
         }
-        ClasspathMatchers att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
-
-        if (att == null) {
-            boolean a = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
-            if (!a) {
+        if (allOk) {
+            //all resoources are from codebase or document base. it is ok to proceeed.
+            OutputController.getLogger().log("All applications resources (" + usedUrls.toArray(new URL[0])[0] + ") are from codebas/documentbase " + codebase + "/" + documentBase + ", skipping Application-Library-Allowable-Codebase Attribute check.");
+            return;
+        }
+        
+        ClasspathMatchers att = null;
+        if (signing == SigningState.NONE) {
+            //for unsigned app we are ignoring value in manifesdt (may be faked)
+        } else {
+            att = file.getManifestsAttributes().getApplicationLibraryAllowableCodebase();
+        }
+         if (att == null) {
+            final boolean userApproved = SecurityDialogs.showMissingALACAttributePanel(file.getTitle(), documentBase, usedUrls);
+            if (!userApproved) {
                 throw new LaunchException("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was blocked from running by the user");
             } else {
                 OutputController.getLogger().log("The application uses non-codebase resources, has no Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user");
@@ -334,4 +345,26 @@
             OutputController.getLogger().log("The application uses non-codebase resources, which do match its Application-Library-Allowable-Codebase Attribute, and was allowed to run by the user.");
         }
     }
+    
+    //package private for testing
+    //not perfect but ok for usecase
+    static URL stripDocbase(URL documentBase) {
+        String s = documentBase.toExternalForm();
+        if (s.endsWith("/") || s.endsWith("\\")) {
+            return documentBase;
+        }
+        int i1 = s.lastIndexOf("/");
+        int i2 = s.lastIndexOf("\\");
+        int i = Math.max(i1, i2);
+        if (i <= 8 || i >= s.length()) {
+            return documentBase;
+        }
+        s = s.substring(0, i+1);
+        try {
+            documentBase = new URL(s);
+        } catch (MalformedURLException ex) {
+            OutputController.getLogger().log(ex);
+        }
+        return documentBase;
+    }
 }
--- a/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java	Mon Jul 20 16:06:29 2015 +0200
+++ b/netx/net/sourceforge/jnlp/security/dialogs/MatchingALACAttributePanel.java	Tue Sep 08 15:02:10 2015 +0200
@@ -55,7 +55,6 @@
 import javax.swing.BoxLayout;
 import javax.swing.ImageIcon;
 import javax.swing.JButton;
-import javax.swing.JCheckBox;
 import javax.swing.JEditorPane;
 import javax.swing.JFrame;
 import javax.swing.JLabel;
@@ -130,7 +129,6 @@
 
         JButton yes = new JButton(Translator.R("ButYes"));
         JButton no = new JButton(Translator.R("ButNo"));
-        JCheckBox remeber = new JCheckBox(htmlWrap(Translator.R("SRememberOption")));
         int buttonWidth = yes.getMinimumSize().width;
         int buttonHeight = yes.getMinimumSize().height;
         Dimension d = new Dimension(buttonWidth, buttonHeight);
@@ -139,7 +137,6 @@
         yes.addActionListener(createSetValueListener(parent, 0));
         no.addActionListener(createSetValueListener(parent, 1));
         initialFocusComponent = no;
-        buttonPanel.add(remeber);
         buttonPanel.add(yes);
         buttonPanel.add(no);
         buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10));
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/ManifestAttributesCheckerTest.java	Tue Sep 08 15:02:10 2015 +0200
@@ -0,0 +1,65 @@
+/* 
+ Copyright (C) 2013 Red Hat, Inc.
+
+ This file is part of IcedTea.
+
+ IcedTea is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, version 2.
+
+ IcedTea is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with IcedTea; see the file COPYING.  If not, write to
+ the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ 02110-1301 USA.
+
+ Linking this library statically or dynamically with other modules is
+ making a combined work based on this library.  Thus, the terms and
+ conditions of the GNU General Public License cover the whole
+ combination.
+
+ As a special exception, the copyright holders of this library give you
+ permission to link this library with independent modules to produce an
+ executable, regardless of the license terms of these independent
+ modules, and to copy and distribute the resulting executable under
+ terms of your choice, provided that you also meet, for each linked
+ independent module, the terms and conditions of the license of that
+ module.  An independent module is a module which is not derived from
+ or based on this library.  If you modify this library, you may extend
+ this exception to your version of the library, but you are not
+ obligated to do so.  If you do not wish to do so, delete this
+ exception statement from your version.
+ */
+package net.sourceforge.jnlp.runtime;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class ManifestAttributesCheckerTest {
+
+    @Test
+    public void stripDocbaseTest() throws Exception {
+        tryTest("http://aaa.bb/ccc/file.html", "http://aaa.bb/ccc/");
+        tryTest("http://aaa.bb/ccc/file.html/", "http://aaa.bb/ccc/file.html/");
+        tryTest("http://aaa.bb/ccc/dir/", "http://aaa.bb/ccc/dir/");
+        tryTest("http://aaa.bb/ccc/dir", "http://aaa.bb/ccc/");
+        tryTest("http://aaa.bb/ccc/", "http://aaa.bb/ccc/");
+        tryTest("http://aaa.bb/ccc", "http://aaa.bb/");
+        tryTest("http://aaa.bb/", "http://aaa.bb/");
+        tryTest("http://aaa.bb", "http://aaa.bb");
+    }
+
+    private static void tryTest(String src, String expected) throws MalformedURLException {
+        URL s = new URL(src);
+        URL q = ManifestAttributesChecker.stripDocbase(s);
+        //junit is failing for me on url.equls(url)...
+        Assert.assertEquals(expected, q.toExternalForm());
+    }
+
+}