aboutsummaryrefslogtreecommitdiffstats
path: root/netx/net/sourceforge/jnlp/security/appletextendedsecurity
diff options
context:
space:
mode:
Diffstat (limited to 'netx/net/sourceforge/jnlp/security/appletextendedsecurity')
-rw-r--r--netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java30
1 files changed, 20 insertions, 10 deletions
diff --git a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
index 6139321..afe693f 100644
--- a/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
+++ b/netx/net/sourceforge/jnlp/security/appletextendedsecurity/UnsignedAppletTrustConfirmation.java
@@ -51,6 +51,7 @@ import net.sourceforge.jnlp.LaunchException;
import net.sourceforge.jnlp.PluginBridge;
import net.sourceforge.jnlp.cache.ResourceTracker;
import net.sourceforge.jnlp.security.SecurityDialogs;
+import net.sourceforge.jnlp.security.UnsignedAppletTrustWarningPanel.UnsignedWarningAction;
public class UnsignedAppletTrustConfirmation {
static private final boolean DEBUG = System.getenv().containsKey("ICEDTEAPLUGIN_DEBUG");
@@ -116,9 +117,9 @@ public class UnsignedAppletTrustConfirmation {
return fileNames;
}
- private static void updateAppletAction(PluginBridge file, ExecuteUnsignedApplet behaviour) {
-
+ private static void updateAppletAction(PluginBridge file, ExecuteUnsignedApplet behaviour, boolean rememberForCodeBase) {
UnsignedAppletActionStorage userActionStorage = securitySettings.getUnsignedAppletActionCustomStorage();
+
userActionStorage.lock(); // We should ensure this operation is atomic
try {
UnsignedAppletActionEntry oldEntry = getMatchingItem(userActionStorage, file);
@@ -136,14 +137,22 @@ public class UnsignedAppletTrustConfirmation {
/* Else, create a new entry */
UrlRegEx codebaseRegex = new UrlRegEx("\\Q" + codebase + "\\E");
- UrlRegEx documentbaseRegex = new UrlRegEx("\\Q" + documentbase + "\\E");
+ UrlRegEx documentbaseRegex = new UrlRegEx(".*"); // Match any from codebase
+ List<String> archiveMatches = null; // Match any from codebase
+
+ if (!rememberForCodeBase) {
+ documentbaseRegex = new UrlRegEx("\\Q" + documentbase + "\\E"); // Match only this applet
+ archiveMatches = toRelativePaths(file.getArchiveJars(), file.getCodeBase().toString()); // Match only this applet
+ }
UnsignedAppletActionEntry entry = new UnsignedAppletActionEntry(
behaviour,
new Date(),
documentbaseRegex,
- codebaseRegex,
- toRelativePaths(file.getArchiveJars(), file.getCodeBase().toString()));
+ codebaseRegex,
+ archiveMatches
+ );
+
userActionStorage.add(entry);
} finally {
userActionStorage.unlock();
@@ -179,15 +188,16 @@ public class UnsignedAppletTrustConfirmation {
appletOK = false;
} else {
// No remembered decision, prompt the user
- ExecuteUnsignedApplet decidedAction = SecurityDialogs.showUnsignedWarningDialog(file);
+ UnsignedWarningAction warningResponse = SecurityDialogs.showUnsignedWarningDialog(file);
+ ExecuteUnsignedApplet executeAction = warningResponse.getAction();
- appletOK = (decidedAction == ExecuteUnsignedApplet.YES || decidedAction == ExecuteUnsignedApplet.ALWAYS);
+ appletOK = (executeAction == ExecuteUnsignedApplet.YES || executeAction == ExecuteUnsignedApplet.ALWAYS);
- if (decidedAction != null) {
- updateAppletAction(file, decidedAction);
+ if (executeAction != null) {
+ updateAppletAction(file, executeAction, warningResponse.rememberForCodeBase());
}
- debug("Decided action for unsigned applet at " + file.getCodeBase() +" was " + decidedAction);
+ debug("Decided action for unsigned applet at " + file.getCodeBase() +" was " + executeAction);
}
if (!appletOK) {