Mercurial > hg > release > icedtea-web-1.6
changeset 1240:f5b19b402bf6
Added tests for signed applet/app using Permission attribute and for unsigned applet/app using Permission attribute
line wrap: on
line diff
--- a/ChangeLog Mon Jul 20 13:00:19 2015 +0200 +++ b/ChangeLog Mon Jul 20 15:22:38 2015 +0200 @@ -1,3 +1,96 @@ +2015-07-20 Jiri Vanek <jvanek@redhat.com> + + Added tests for signed applet/app using Permission attribute and for unsigned applet/app using Permission attribute + * tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm.html + * tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm.jnlp + * tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_applet.jnlp + * tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_applet_security.jnlp + * tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_security.jnlp + * tests/reproducers/signed/SandboxSignedAllPerm/srcs/META-INF/MANIFEST.MF + contains Permissions: all-permissions + * tests/reproducers/signed/SandboxSignedAllPerm/srcs/SandboxSignedAllPerm.java + * tests/reproducers/signed/SandboxSignedAllPerm/testcases/SandboxSignedAllPermTest.java + testcases with permissions in manifest check on + * tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid.html + * tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid.jnlp + * tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_applet.jnlp + * tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_applet_security.jnlp + * tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_security.jnlp + * tests/reproducers/signed/SandboxSignedInvalid/srcs/META-INF/MANIFEST.MF + contains Permissions: invalidValue + * tests/reproducers/signed/SandboxSignedInvalid/srcs/SandboxSignedInvalid.java + * tests/reproducers/signed/SandboxSignedInvalid/testcases/SandboxSignedInvalidTest.java + testcases with permissions in manifest check on + * tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing.html + * tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing.jnlp + * tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_applet.jnlp + * tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_applet_security.jnlp + * tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_security.jnlp + * tests/reproducers/signed/SandboxSignedMissing/srcs/META-INF/MANIFEST.MF + does not contains Permissions + * tests/reproducers/signed/SandboxSignedMissing/srcs/SandboxSignedMissing.java + * tests/reproducers/signed/SandboxSignedMissing/testcases/SandboxSignedMissingTest.java + testcases with permissions in manifest check on + * tests/reproducers/signed/SandboxSignedMissing/testcases/SandboxSignedMissingTestHighSecurity.java + testcases with permissions in manifest check on and on high security => interactive tests + with autoreply + * tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox.html + * tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox.jnlp + * tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_applet.jnlp + * tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_applet_security.jnlp + * tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_security.jnlp + * tests/reproducers/signed/SandboxSignedSandbox/srcs/META-INF/MANIFEST.MF + contains Permissions: sandbox + * tests/reproducers/signed/SandboxSignedSandbox/srcs/SandboxSignedSandbox.java + * tests/reproducers/signed/SandboxSignedSandbox/testcases/SandboxSignedSandboxTest.java + testcases with permissions in manifest check on. Contains two failing tests + currently itw with snadbox in manifest and jnlp not requesting permissions fails. + Bug to be fixed + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm.html + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm.jnlp + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_applet.jnlp + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_applet_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/srcs/META-INF/MANIFEST.MF + contains Permissions: all-permissions + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/srcs/SandboxUnsignedAllPerm.java + * tests/reproducers/unsigned/SandboxUnsignedAllPerm/testcases/SandboxUnsignedAllPermTest.java + testcases with permissions in manifest check on. There is probably an bug in impl. + The applet should not run at all, or javaws without permissions should runin sandbox too. + * tests/reproducers/unsigned/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid.html + * tests/reproducers/unsigned/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid.jnlp + * tests/reproducers/unsigned/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_applet.jnlp + * tests/reproducers/unsigned/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_applet_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedInvalid/srcs/META-INF/MANIFEST.MF + contains Permissions: invalidValue + * tests/reproducers/unsigned/SandboxUnsignedInvalid/srcs/SandboxUnsignedInvalid.java + * tests/reproducers/unsigned/SandboxUnsignedInvalid/testcases/SandboxUnsignedInvalidTest.java + testcases with permissions in manifest check on + * tests/reproducers/unsigned/SandboxUnsignedMissing/resources/SandboxUnsignedMissing.html + * tests/reproducers/unsigned/SandboxUnsignedMissing/resources/SandboxUnsignedMissing.jnlp + * tests/reproducers/unsigned/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_applet.jnlp + * tests/reproducers/unsigned/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_applet_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedMissing/srcs/META-INF/MANIFEST.MF + does not contains Permissions + * tests/reproducers/unsigned/SandboxUnsignedMissing/srcs/SandboxUnsignedMissing.java + * tests/reproducers/unsigned/SandboxUnsignedMissing/testcases/SandboxUnsignedMissingTest.java + testcases with permissions in manifest check on + * tests/reproducers/unsigned/SandboxUnsignedMissing/testcases/SandboxUnsignedMissingTestHighSecurity.java + testcases with permissions in manifest check on and on high security => interactive tests + with autoreply + * tests/reproducers/unsigned/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox.html + * tests/reproducers/unsigned/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox.jnlp + * tests/reproducers/unsigned/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_applet.jnlp + * tests/reproducers/unsigned/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_applet_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_security.jnlp + * tests/reproducers/unsigned/SandboxUnsignedSandbox/srcs/META-INF/MANIFEST.MF + contains Permissions: sandbox + * tests/reproducers/unsigned/SandboxUnsignedSandbox/srcs/SandboxUnsignedSandbox.java + * tests/reproducers/unsigned/SandboxUnsignedSandbox/testcases/SandboxUnsignedSandboxTest.java + testcases with permissions in manifest check on. + 2015-07-20 Jiri Vanek <jvanek@redhat.com> Fixed download service
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="SandboxSignedAllPerm.class" archive="SandboxSignedAllPerm.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedAllPerm.jnlp" codebase="."> + <information> + <title>SandboxSignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedAllPerm.jar"/> + </resources> + <application-desc main-class="SandboxSignedAllPerm"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedAllPerm_applet.jnlp" codebase="."> + <information> + <title>SandboxSignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedAllPerm.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxSignedAllPerm" + main-class="SandboxSignedAllPerm" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + +--> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedAllPerm_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedAllPerm.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxSignedAllPerm" + main-class="SandboxSignedAllPerm" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/resources/SandboxSignedAllPerm_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedAllPerm_security.jnlp" codebase="."> + <information> + <title>SandboxSignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedAllPerm.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxSignedAllPerm"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: all-permissions +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/srcs/SandboxSignedAllPerm.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedAllPerm extends Applet { + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedAllPerm/testcases/SandboxSignedAllPermTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,123 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedAllPermTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm.restoreProperties(); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedAllPerm.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + //no security dialog + //pass + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedAllPerm_security.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}), "SandboxSignedAllPerm_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); //applets have exception flused only in verbose mode? strange... + } + @Test + //no security dialog + //pass + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedAllPerm_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + //no security dialog + //pass + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxSignedAllPerm.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="SandboxSignedInvalid.class" archive="SandboxSignedInvalid.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedInvalid.jnlp" codebase="."> + <information> + <title>SandboxSignedInvalid</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedInvalid.jar"/> + </resources> + <application-desc main-class="SandboxSignedInvalid"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedInvalid_applet.jnlp" codebase="."> + <information> + <title>SandboxSignedInvalid</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedInvalid.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxSignedInvalid" + main-class="SandboxSignedInvalid" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedInvalid_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedInvalid.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxSignedInvalid" + main-class="SandboxSignedInvalid" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/resources/SandboxSignedInvalid_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedInvalid_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedInvalid.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxSignedInvalid"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: invalidValue +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/srcs/SandboxSignedInvalid.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedInvalid extends Applet { + + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedInvalid/testcases/SandboxSignedInvalidTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,125 @@ + +import java.io.IOException; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedInvalidTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm.restoreProperties(); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedInvalid.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + //no security dialog + //pass + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedInvalid_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedInvalid_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + //no security dialog + //pass + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedInvalid_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + //no security dialog + //pass + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxSignedInvalid.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="SandboxSignedMissing.class" archive="SandboxSignedMissing.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedMissing.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedMissing.jar"/> + </resources> + <application-desc main-class="SandboxSignedMissing"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedMissing_applet.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedMissing.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxSignedMissing" + main-class="SandboxSignedMissing" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedMissing_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedMissing.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxSignedMissing" + main-class="SandboxSignedMissing" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/resources/SandboxSignedMissing_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedMissing_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedMissing.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxSignedMissing"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,2 @@ +Manifest-Version: 1.0 +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/srcs/SandboxSignedMissing.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedMissing extends Applet { + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/testcases/SandboxSignedMissingTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,130 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedMissingTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm1 = new DeploymentPropertiesModifier(); + private static final DeploymentPropertiesModifier dpm2 = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm1.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + dpm2.setProperties(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm2.restoreProperties(); + dpm1.restoreProperties(); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedMissing.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + //no security dialog + //pass + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedMissing_security.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + @Test + //no security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}),"SandboxSignedMissing_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + @Test + //no security dialog + //pass + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedMissing_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + //no security dialog + //pass + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxSignedMissing.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedMissing/testcases/SandboxSignedMissingTestHighSecurity.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,195 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ProcessWrapper; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedMissingTestHighSecurity extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm1 = new DeploymentPropertiesModifier(); + private static final DeploymentPropertiesModifier dpm2 = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm1.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + dpm2.setProperties(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ASK_UNSIGNED.toChars()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm2.restoreProperties(); + dpm1.restoreProperties(); + } + + @Test + // security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAllPermNoSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing.jnlp")); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + // security dialog + //crash (jnlp dont have all-permnissions) + @Test + public void javawsAllPermNoSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing.jnlp")); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + // security dialog + //pass + public void javawsAllPermAllSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing_security.jnlp")); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + @Test + // security dialog + //pass + public void javawsAllPermAllSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing_security.jnlp")); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + // security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAppletAllPermNoSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless", "-verbose"), server.getUrl("SandboxSignedMissing_applet.jnlp")); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + + @Test + // security dialog + //crash (jnlp dont have all-permnissions) + public void javawsAppletAllPermNoSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless", "-verbose"), server.getUrl("SandboxSignedMissing_applet.jnlp")); + pw.addStdErrListener(new AutoErrorClosingListener()); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + + @Test + //security dialog + //pass + public void javawsAppletAllPermAllSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing_applet_security.jnlp")); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + @Test + //security dialog + //pass + public void javawsAppletAllPermAllSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxSignedMissing_applet_security.jnlp")); + pw.addStdErrListener(new AutoErrorClosingListener()); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + //browser do not support headless dialogues + //@Test + //@TestInBrowsers(testIn = Browsers.one) + //no security dialog + //pass + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxSignedMissing.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="SandboxSignedSandbox.class" archive="SandboxSignedSandbox.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedSandbox.jnlp" codebase="."> + <information> + <title>SandboxSignedSandbox</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedSandbox.jar"/> + </resources> + <application-desc main-class="SandboxSignedSandbox"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + +--> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedSandbox_applet.jnlp" codebase="."> + <information> + <title>SandboxSignedSandbox</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedSandbox.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxSignedSandbox" + main-class="SandboxSignedSandbox" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedSandbox_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedSandbox.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxSignedSandbox" + main-class="SandboxSignedSandbox" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/resources/SandboxSignedSandbox_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxSignedSandbox_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxSignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxSignedSandbox.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxSignedSandbox"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: sandbox +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/srcs/SandboxSignedSandbox.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedSandbox extends Applet { + + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/signed/SandboxSignedSandbox/testcases/SandboxSignedSandboxTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,128 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxSignedSandboxTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm.restoreProperties(); + } + + @Test + //no security dialog + //should run in snadbox (jnlp dont have all-permnissions) + //dont run at all. BUG! + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedSandbox.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + //no security dialog + //pass, crash, invalid combination all-permissions x sandbox + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedSandbox_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + //no security dialog + //should run in snadbox (jnlp dont have all-permnissions) + //dont run at all. BUG! + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}),"SandboxSignedSandbox_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + @Test + //no security dialog + //pass, crash, invalid combination all-permissions x sandbox + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxSignedSandbox_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + //no security dialog + //started in sandbox + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxSignedSandbox.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="blue"> +<p><applet code="SandboxUnsignedAllPerm.class" archive="SandboxUnsignedAllPerm.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedAllPerm.jnlp" codebase="."> + <information> + <title>SandboxUnsignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedAllPerm.jar"/> + </resources> + <application-desc main-class="SandboxUnsignedAllPerm"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedAllPerm_applet.jnlp" codebase="."> + <information> + <title>SandboxUnsignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedAllPerm.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxUnsignedAllPerm" + main-class="SandboxUnsignedAllPerm" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + +--> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedAllPerm_applet_security.jnlp" codebase="."> + <information> + <title>SandboxUnsignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedAllPerm.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxUnsignedAllPerm" + main-class="SandboxUnsignedAllPerm" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/resources/SandboxUnsignedAllPerm_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedAllPerm_security.jnlp" codebase="."> + <information> + <title>SandboxUnsignedAllPerm</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedAllPerm</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedAllPerm.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxUnsignedAllPerm"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: all-permissions +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/srcs/SandboxUnsignedAllPerm.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedAllPerm extends Applet { + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedAllPerm/testcases/SandboxUnsignedAllPermTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,118 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedAllPermTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException { + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException { + dpm.restoreProperties(); + } + + @Test + //bug, should run in sandbox, see appletAllPermAllSecurity + public void javawsAllPermNoSecurity() throws Exception { + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedAllPerm.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAllPermAllSecurity() throws Exception { + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedAllPerm_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + //bug, should run in sandbox, see appletAllPermAllSecurity + public void javawsAppletAllPermNoSecurity() throws Exception { + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}), "SandboxUnsignedAllPerm_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); //applets have exception flused only in verbose mode? strange... + } + + @Test + public void javawsAppletAllPermAllSecurity() throws Exception { + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedAllPerm_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + //or this one should fail + public void appletAllPermAllSecurity() throws Exception { + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxUnsignedAllPerm.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="red"> +<p><applet code="SandboxUnsignedInvalid.class" archive="SandboxUnsignedInvalid.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedInvalid.jnlp" codebase="."> + <information> + <title>SandboxUnsignedInvalid</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedInvalid.jar"/> + </resources> + <application-desc main-class="SandboxUnsignedInvalid"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedInvalid_applet.jnlp" codebase="."> + <information> + <title>SandboxUnsignedInvalid</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedInvalid.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxUnsignedInvalid" + main-class="SandboxUnsignedInvalid" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedInvalid_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedInvalid.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxUnsignedInvalid" + main-class="SandboxUnsignedInvalid" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/resources/SandboxUnsignedInvalid_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedInvalid_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedInvalid</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedInvalid.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxUnsignedInvalid"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: invalidValue +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/srcs/SandboxUnsignedInvalid.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedInvalid extends Applet { + + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedInvalid/testcases/SandboxUnsignedInvalidTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,115 @@ + +import java.io.IOException; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedInvalidTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm.restoreProperties(); + } + + @Test + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedInvalid.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedInvalid_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedInvalid_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedInvalid_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxUnsignedInvalid.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/resources/SandboxUnsignedMissing.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="blue"> +<p><applet code="SandboxUnsignedMissing.class" archive="SandboxUnsignedMissing.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/resources/SandboxUnsignedMissing.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedMissing.jnlp" codebase="."> + <information> + <title>SandboxUnsignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedMissing.jar"/> + </resources> + <application-desc main-class="SandboxUnsignedMissing"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedMissing_applet.jnlp" codebase="."> + <information> + <title>SandboxUnsignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedMissing.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxUnsignedMissing" + main-class="SandboxUnsignedMissing" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedMissing_applet_security.jnlp" codebase="."> + <information> + <title>SandboxUnsignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedMissing.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxUnsignedMissing" + main-class="SandboxUnsignedMissing" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/resources/SandboxUnsignedMissing_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedMissing_security.jnlp" codebase="."> + <information> + <title>SandboxUnsignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedMissing</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedMissing.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxUnsignedMissing"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,2 @@ +Manifest-Version: 1.0 +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/srcs/SandboxUnsignedMissing.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedMissing extends Applet { + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/testcases/SandboxUnsignedMissingTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,120 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedMissingTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm1 = new DeploymentPropertiesModifier(); + private static final DeploymentPropertiesModifier dpm2 = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm1.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + dpm2.setProperties(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm2.restoreProperties(); + dpm1.restoreProperties(); + } + + @Test + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedMissing.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedMissing_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}),"SandboxUnsignedMissing_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + @Test + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedMissing_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxUnsignedMissing.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedMissing/testcases/SandboxUnsignedMissingTestHighSecurity.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,177 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ProcessWrapper; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedMissingTestHighSecurity extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm1 = new DeploymentPropertiesModifier(); + private static final DeploymentPropertiesModifier dpm2 = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm1.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + dpm2.setProperties(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ASK_UNSIGNED.toChars()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm2.restoreProperties(); + dpm1.restoreProperties(); + } + + @Test + public void javawsAllPermNoSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing.jnlp")); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAllPermNoSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing.jnlp")); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAllPermAllSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing_security.jnlp")); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAllPermAllSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing_security.jnlp")); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAppletAllPermNoSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless", "-verbose"), server.getUrl("SandboxUnsignedMissing_applet.jnlp")); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + + @Test + public void javawsAppletAllPermNoSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless", "-verbose"), server.getUrl("SandboxUnsignedMissing_applet.jnlp")); + pw.addStdErrListener(new AutoErrorClosingListener()); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + + @Test + public void javawsAppletAllPermAllSecurityYes() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing_applet_security.jnlp")); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("YES\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + public void javawsAppletAllPermAllSecurityNo() throws Exception{ + ProcessWrapper pw = new ProcessWrapper(server.getJavawsLocation(), Arrays.asList("-headless"), server.getUrl("SandboxUnsignedMissing_applet_security.jnlp")); + pw.addStdErrListener(new AutoErrorClosingListener()); + pw.addStdOutListener(new AutoOkClosingListener()); + pw.setWriter("NO\n"); + ProcessResult p = pw.execute(); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + //browser do not support headless dialogues + //@Test + //@TestInBrowsers(testIn = Browsers.one) + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxUnsignedMissing.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertTrue(p.stdout.contains(aok.getCondition())); + Assert.assertFalse(p.stderr.contains(aer.getCondition())); + } + + +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox.html Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,42 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<html><head></head><body bgcolor="blue"> +<p><applet code="SandboxUnsignedSandbox.class" archive="SandboxUnsignedSandbox.jar" codebase="." width="250" height="200"> +</applet></p> +</body> +</html> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,53 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedSandbox.jnlp" codebase="."> + <information> + <title>SandboxUnsignedSandbox</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedSandbox.jar"/> + </resources> + <application-desc main-class="SandboxUnsignedSandbox"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_applet.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,58 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + +--> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedSandbox_applet.jnlp" codebase="."> + <information> + <title>SandboxUnsignedSandbox</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedSandbox.jar"/> + </resources> + <applet-desc + documentBase="." + name="SandboxUnsignedSandbox" + main-class="SandboxUnsignedSandbox" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_applet_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,61 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedSandbox_applet_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedSandbox.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <applet-desc + documentBase="." + name="SandboxUnsignedSandbox" + main-class="SandboxUnsignedSandbox" + width="250" + height="200"> + </applet-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/resources/SandboxUnsignedSandbox_security.jnlp Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,56 @@ +<!-- + +This file is part of IcedTea. + +IcedTea is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2, or (at your option) +any later version. + +IcedTea is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details. + +You should have received a copy of the GNU General Public License +along with IcedTea; see the file COPYING. If not, write to the +Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +02110-1301 USA. + +Linking this library statically or dynamically with other modules is +making a combined work based on this library. Thus, the terms and +conditions of the GNU General Public License cover the whole +combination. + +As a special exception, the copyright holders of this library give you +permission to link this library with independent modules to produce an +executable, regardless of the license terms of these independent +modules, and to copy and distribute the resulting executable under +terms of your choice, provided that you also meet, for each linked +independent module, the terms and conditions of the license of that +module. An independent module is a module which is not derived from +or based on this library. If you modify this library, you may extend +this exception to your version of the library, but you are not +obligated to do so. If you do not wish to do so, delete this +exception statement from your version. + + --> +<?xml version="1.0" encoding="utf-8"?> +<jnlp spec="1.0" href="SandboxUnsignedSandbox_security.jnlp" codebase="."> + <information> + <title>SandboxSignedMissing</title> + <vendor>IcedTea</vendor> + <homepage href="http://icedtea.classpath.org/wiki/IcedTea-Web#Testing_IcedTea-Web"/> + <description>SandboxUnsignedSandbox</description> + <offline/> + </information> + <resources> + <j2se version="1.4+"/> + <jar href="SandboxUnsignedSandbox.jar"/> + </resources> + <security> + <all-permissions/> + </security> + <application-desc main-class="SandboxUnsignedSandbox"> + </application-desc> +</jnlp> \ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/srcs/META-INF/MANIFEST.MF Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,3 @@ +Manifest-Version: 1.0 +Permissions: sandbox +
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/srcs/SandboxUnsignedSandbox.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,57 @@ + +import java.applet.Applet; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedSandbox extends Applet { + + + @Override + public void init() { + confirm(); + } + + public static void main(String... s) { + confirm(); + } + + private static void confirm() { + System.out.println("*** applet running ***"); + System.out.println(System.getProperty("user.home")); + System.out.println("*** APPLET FINISHED ***"); + } +}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/reproducers/simple/SandboxUnsignedSandbox/testcases/SandboxUnsignedSandboxTest.java Mon Jul 20 15:22:38 2015 +0200 @@ -0,0 +1,116 @@ + +import java.io.IOException; +import java.util.Arrays; +import net.sourceforge.jnlp.ProcessResult; +import net.sourceforge.jnlp.ServerAccess; +import net.sourceforge.jnlp.annotations.TestInBrowsers; +import net.sourceforge.jnlp.browsertesting.BrowserTest; +import static net.sourceforge.jnlp.browsertesting.BrowserTest.server; +import net.sourceforge.jnlp.browsertesting.Browsers; +import net.sourceforge.jnlp.closinglisteners.AutoErrorClosingListener; +import net.sourceforge.jnlp.closinglisteners.AutoOkClosingListener; +import net.sourceforge.jnlp.closinglisteners.StringBasedClosingListener; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.runtime.ManifestAttributesChecker; +import net.sourceforge.jnlp.tools.DeploymentPropertiesModifier; +import org.junit.AfterClass; +import org.junit.Assert; +import org.junit.BeforeClass; +import org.junit.Test; + +/* AppletTest.java + Copyright (C) 2011 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +public class SandboxUnsignedSandboxTest extends BrowserTest { + + private static final DeploymentPropertiesModifier dpm = new DeploymentPropertiesModifier(); + private static final StringBasedClosingListener aok = new AutoOkClosingListener(); + private static final StringBasedClosingListener aer = new AutoErrorClosingListener(); + private static final String confirmation = "*** applet running ***"; + + + @BeforeClass + public static void setDeploymentManifestPermissionReadingOnly() throws IOException{ + dpm.setProperties(DeploymentConfiguration.KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK, ManifestAttributesChecker.MANIFEST_ATTRIBUTES_CHECK.PERMISSIONS.toString()); + } + + @AfterClass + public static void restoreDeploymentProeprtiees() throws IOException{ + dpm.restoreProperties(); + } + + @Test + public void javawsAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedSandbox.jnlp"); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + @Test + public void javawsAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedSandbox_security.jnlp"); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + public void javawsAppletAllPermNoSecurity() throws Exception{ + ProcessResult p = server.executeJavaws(Arrays.asList(new String[]{"-headless", "-verbose"}),"SandboxUnsignedSandbox_applet.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition()));//applets have exception flused only in verbose mode? strange... + } + @Test + public void javawsAppletAllPermAllSecurity() throws Exception{ + ProcessResult p = server.executeJavawsHeadless("SandboxUnsignedSandbox_applet_security.jnlp", new AutoOkClosingListener(), new AutoErrorClosingListener()); + Assert.assertFalse(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + @Test + @TestInBrowsers(testIn = Browsers.one) + public void appletAllPermAllSecurity() throws Exception{ + server.getBrowserLocation(); + ProcessResult p = server.executeBrowser("SandboxUnsignedSandbox.html", ServerAccess.AutoClose.CLOSE_ON_BOTH); + Assert.assertTrue(p.stdout.contains(confirmation)); + Assert.assertFalse(p.stdout.contains(aok.getCondition())); + Assert.assertTrue(p.stderr.contains(aer.getCondition())); + } + + +}