Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8039034

8u20: No blocked dialog for plugin and javafx apps when no jre matches the rule specified by Admin(DRS with force)

    XMLWordPrintable

Details

    • b12
    • Verified

    Backports

      Description

        When there is no jre matches the rule specified by Admin, there is a blocked dialog for javaws apps. But no such dialog for plugin applet and javafx apps.

        Steps to reproduce:
        test scenario: Admin provide a secure version(version="secure") with "force=true" while no secure jre installed on system
        1) Install 8u20 nighty build#2550
        2) Download http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/lib/DeploymentRuleSet.jar and then copy it to deployment.system.home/
        In this DeploymentRuleSet.jar, we have:
        <ruleset version="1.1">
          <rule> <!-- allow run everything -->
             <id location="http://sqeweb.us.oracle.com/"/>
             <action permission="run" version="SECURE" force="true"/>
          </rule>
          <!-- block everything else -->
          <rule>
             <id/>
             <action permission="block" message="we don't want to run anything else"/>
          </rule>
        </ruleset>
        3) Make sure you can access to internet or disable OCSP and CRL check from JCP
        4) Add information "1.8.0_99" to baseline.versions file under {DEPLOY_USER_HOME}/security/ dir to make test jre as old
        5) Load applet: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/html/UnsignedSandboxJNLP.html
        6) If this app get blocked directly without any blocked dialog, then this bug is reproduced. In log, there is NPE:
        java.lang.NullPointerException
        at sun.plugin2.applet.Plugin2Manager.setParameter(Unknown Source)
        at sun.plugin2.main.client.PluginMain.performSSVValidation(Unknown Source)
        at sun.plugin2.main.client.PluginMain$StartAppletListener.appletSSVValidation(Unknown Source)
        at sun.plugin2.applet.Plugin2Manager.fireAppletSSVValidation(Unknown Source)
        at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
        at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)

        Expected behavior:
        There should be a blocked dialog shows up.

        Note:
        For javaws apps, there is a blocked dialog. See attachment javaws-blocked-dialog.png
        Steps to reproduce:
        1) Install 8u20 nighty build#2550
        2) Download http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/LSPJPI/lib/DeploymentRuleSet.jar and then copy it to deployment.system.home/
        In this DeploymentRuleSet.jar, we have:
        <ruleset version="1.1">
          <rule> <!-- allow run everything -->
             <id location="http://sqeweb.us.oracle.com/"/>
             <action permission="run" version="SECURE" force="true"/>
          </rule>
          <!-- block everything else -->
          <rule>
             <id/>
             <action permission="block" message="we don't want to run anything else"/>
          </rule>
        </ruleset>
        3) Make sure you can access to internet or disable OCSP and CRL check from JCP
        4) Add information "1.8.0_99" to baseline.versions file under {DEPLOY_USER_HOME}/security/ dir to make test jre as old
        5) Load javaws app: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/crystal/DO_NOT_REMOVE_ME/jrebug/JawsLocalSecurityPolicy/jnlp/testSelfsignedAllpermissionJNLP.jnlp
        6) There will be a "Java Application Blocked dialog" shows up.

        Attachments

          Issue Links

            backported by

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8041400 8u20: No blocked dialog for plugin and javafx apps when no jre matches the rule specified by Admin(DRS with force)

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8045019 8u20: No blocked dialog for plugin and javafx apps when no jre matches the rule specified by Admin(DRS with force)

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8053111 8u20: No blocked dialog for plugin and javafx apps when no jre matches the rule specified by Admin(DRS with force)

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Backport - A issue that is required to port a Bug or Feature into another product release. This issue type is generally associated with the main Bug/Feature to represent each individual release of the port. JDK-8071923 8u20: No blocked dialog for plugin and javafx apps when no jre matches the rule specified by Admin(DRS with force)

            • P2 - Crashes, loss of data, severe memory leak.
            • Resolved

            Activity

              People

                herrick Andy Herrick (Inactive)
                wenjyang Crystal Yang (Inactive)
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved: