Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8135227

DRS 1.3 enhancements doesn't work as expected when load no href jnlp by "javaws <local_path_of_jnlp_file>"

XMLWordPrintable

    • b83
    • Verified

        Loading no href jnlp by "javaws <local_path_of_jnlp_file>" does not work as far as DRS1.3 enhancement is concerned.

        ENV: win7/x64/9-client nightly build #3316

        Steps to reproduce:
        1). Import self ca cert to JCP -> Security -> Manage Certificates -> Singer CA.
            http://kgb.us.oracle.com:8080/DRS13Manual/lib/self.valid.cert
        2). Set up rule set
            http://kgb.us.oracle.com:8080/DRS13Manual/lib/DeploymentRuleSet.jar
            For rule set content, see http://kgb.us.oracle.com:8080/DRS13Manual/lib/ruleset.xml
        3). Download jnlp file testCertsignedAllpermissionJNLPNoHref.jnlp from http://kgb.us.oracle.com:8080/DRS13Manual/html/testApps.html
        4). Save it to C:\test
        5). Run javaws with local file path arg: javaws C:/test/testCertsignedAllpermissionJNLPNoHref.jnlp
        6). If a valid security warning dialog will show up which should not since the SHA-256 checksum of this jnlp is matched to the hash attribute of the "jnlp-checksum" sum elements in ruleset.xml, then this bug is reproduced.

        Note:
        1. "javaws -browser <local_path_of_jnlp_file>" works fine(a dialog saying "Application Allowed by Deployment Rule Set" will show up).
        2. If launch jnlp by double click jnlp file or right click jnlp and open with "Java(TM) Web Start Launcher", it works fine.
        3. If load jnlp by clicking on the link testCertsignedAllpermissionJNLPNoHref.jnlp in a browser from http://kgb.us.oracle.com:8080/DRS13Manual/html/testApps.html, it works fine.

              herrick Andy Herrick (Inactive)
              wenjyang Crystal Yang (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: