[cp-patches] Patch: Security warning for appletviewer
langel at redhat.com
Mon Jun 5 14:19:40 UTC 2006
I worked with fitzsim to add a security warning for each applet loaded.
The user has the choice to load (trust) the applet, cancel the loading
of the applet, or load the applet and add the address to a whitelist.
This whitelist is a file that contains a list of applets that the user
would like to trust indefinitely.
All temp appletviewer files and the whitelist are stored in
the .mozilla/plugins/gcjwebplugin-data/ directory.
Tom has checked over all the code and has cleaned it up. This has been
committed. Please comment.
2006-06-05 Lillian Angel <langel at redhat.com>
Fixed to use a set plugin directory in the .mozilla directory.
All applet logs are now stored here, instead of /tmp.
Added new fields for security warning.
(GCJ_NEW): Added code to generate a security warning for all
pages that spawn an appletviewer. This warning asks the user if
they trust the applet and if they would like to add it to a
'whitelist'. This whitelist keeps track of all the addresses
the user would like to trust indefinitely.
(plugin_user_trusts_documentbase): New helper function.
(plugin_add_documentbase_to_whitelist): New helper function.
(plugin_ask_user_about_documentbase): New helper function.
(plugin_in_pipe_callback): Fixed check to determine if
channel_error has been set.
(plugin_create_applet_tag): Reset all fields to null after
they have been freed.
(plugin_send_message_to_appletviewer): Fixed all error checks
to determine if channel_error has been set.
(NP_Initialize): Likewise. Also, added code to determine if
directory and file should be created.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 27171 bytes
Desc: not available
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20060605/8739ff28/cp-0001.bin
More information about the Classpath-patches