Details
-
Bug
-
Resolution: Fixed
-
P3
-
8
-
b82
-
Verified
Backports
| Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
|---|---|---|---|---|---|---|
| JDK-8021686 | 7u60 | Mark Howe | P3 | Resolved | Fixed | b01 |
| JDK-8017654 | 7u45 | Mark Howe | P3 | Closed | Fixed | b01 |
| JDK-8010264 | 7u40 | Mark Howe | P3 | Closed | Fixed | b17 |
| JDK-8010237 | 7u25 | Mark Howe | P3 | Closed | Fixed | b02 |
| JDK-8010245 | 7u21 | Mark Howe | P3 | Closed | Fixed | b07 |
Description
Testing env: 32bit winxp, jre 8 nightly bundle #613
Steps to reproduce:
- launch app http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/html/SignedHelloPreloaderSandbox1.jnlp
- There is a security dialog
- Click "I accept... " and "Do not show..." checkbox on the dialog
- Click Run button
- Close the app
- Launch another app http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/html/SignedHelloPreloaderSandbox2.jnlp
The 2 apps have different href in jnlp file, so they should be considered to be different applications.
- If there is no security dialog for the second app, bug is reproduced.
Source code location:
http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/src
The behavior described above is correct. The meaning of always recently changed from "always for anything signed by this certificate" to "anything from this host signed by this certificate", but this text was wrong even before that, saying specifically "Do not show this again for this app".
The String used for signed all-permission apps, "security.dialog.always" was properly changed to :
"&Do not show this again for apps from the publisher and location above"
but the value of "sandbox.security.dialog.always" did not change. It needs to - or it needs to be just removed, and the code referencing it in both DialogTemplate.java and JavaFX equivalent needs to be modified to just use the same always string for sandbox signed certificate dialog as for normal certificate dialog.
The later solution would not need additional translations though it requires changing both Java and JavaFX code.
Steps to reproduce:
- launch app http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/html/SignedHelloPreloaderSandbox1.jnlp
- There is a security dialog
- Click "I accept... " and "Do not show..." checkbox on the dialog
- Click Run button
- Close the app
- Launch another app http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/html/SignedHelloPreloaderSandbox2.jnlp
The 2 apps have different href in jnlp file, so they should be considered to be different applications.
- If there is no security dialog for the second app, bug is reproduced.
Source code location:
http://rehte.cn.oracle.com:8080/wshost/new_framework/new_framework/tests/javafx/manual/Preloader/src
The behavior described above is correct. The meaning of always recently changed from "always for anything signed by this certificate" to "anything from this host signed by this certificate", but this text was wrong even before that, saying specifically "Do not show this again for this app".
The String used for signed all-permission apps, "security.dialog.always" was properly changed to :
"&Do not show this again for apps from the publisher and location above"
but the value of "sandbox.security.dialog.always" did not change. It needs to - or it needs to be just removed, and the code referencing it in both DialogTemplate.java and JavaFX equivalent needs to be modified to just use the same always string for sandbox signed certificate dialog as for normal certificate dialog.
The later solution would not need additional translations though it requires changing both Java and JavaFX code.
Attachments
Issue Links
- backported by
-
JDK-8021686 String for always accept does not match meaning of always in signed sandbox security dialog.
-
- Resolved
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-