-
Bug
-
Resolution: Fixed
-
P3
-
9
-
b105
-
Verified
ENV: win7/x86/jre9-b96
Steps to reproduce:
1. Add http://kgb.us.oracle.com:8080 to Exception Site List
2. Copy http://kgb.us.oracle.com:8080/JawsESL/lib/blacklist to JRE_HOME/lib/secuity
3. Load jnlp that is expired ca signed and sandboxed:
javaws http://kgb.us.oracle.com:8080/JawsESL/jnlp/testExpiredCASignedMFSandboxHello.jnlp
4. Test URL matches ESL entry but its jar blacklisted
5. If a security warning dialog saying "An unsigned application from the location below is requesting permission to run" show up, then this bug is reproduced. See attachment b96.png
Expected behavior: app should be blocked
Note: no such issue with jre9-b95. See attachment b95.png
Steps to reproduce:
1. Add http://kgb.us.oracle.com:8080 to Exception Site List
2. Copy http://kgb.us.oracle.com:8080/JawsESL/lib/blacklist to JRE_HOME/lib/secuity
3. Load jnlp that is expired ca signed and sandboxed:
javaws http://kgb.us.oracle.com:8080/JawsESL/jnlp/testExpiredCASignedMFSandboxHello.jnlp
4. Test URL matches ESL entry but its jar blacklisted
5. If a security warning dialog saying "An unsigned application from the location below is requesting permission to run" show up, then this bug is reproduced. See attachment b96.png
Expected behavior: app should be blocked
Note: no such issue with jre9-b95. See attachment b95.png
- relates to
-
JDK-8142345 Remove code that adds certificate and manifest data to cache entry index file
-
- Resolved
-