diff -r f58e426ca958 NEWS --- a/NEWS Mon Mar 10 16:30:44 2014 -0400 +++ b/NEWS Tue Mar 11 12:06:09 2014 +0100 @@ -14,7 +14,7 @@ * IcedTea-Web is now following XDG .config and .cache specification(RH947647) * A console for debugging plugin and javaws * Dialogs center on screen before becoming visible -* Support for u45 and u51 new manifest attributes (Application-Name, Codebase) +* Support for u45 and u51 new manifest attributes (Application-Name, Codebase, Permissions) * Custom applet permission policies panel in itweb-settings control panel * javaws -version flag * New PolicyEditor for easily adding/removing permissions to individual applets diff -r f58e426ca958 netx/net/sourceforge/jnlp/JNLPFile.java --- a/netx/net/sourceforge/jnlp/JNLPFile.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/JNLPFile.java Tue Mar 11 12:06:09 2014 +0100 @@ -57,6 +57,10 @@ * @version $Revision: 1.21 $ */ public class JNLPFile { + + public static enum ManifestBoolean { + TRUE, FALSE, UNDEFINED; + } // todo: save the update policy, then if file was not updated @@ -936,7 +940,7 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_only */ - public Boolean isTrustedOnly() { + public ManifestBoolean isTrustedOnly() { return processBooleanAttribute(TRUSTED_ONLY); } @@ -944,7 +948,7 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#trusted_library */ - public Boolean isTrustedLibrary() { + public ManifestBoolean isTrustedLibrary() { return processBooleanAttribute(TRUSTED_LIBRARY); } @@ -952,20 +956,35 @@ /** * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions */ - public Boolean isSandboxForced() { + public ManifestBoolean isSandboxForced() { String s = getAttribute(PERMISSIONS); if (s == null) { - return null; + return ManifestBoolean.UNDEFINED; } else if (s.trim().equalsIgnoreCase("sandbox")) { - return true; + return ManifestBoolean.TRUE; } else if (s.trim().equalsIgnoreCase("all-permissions")) { - return false; + return ManifestBoolean.FALSE; } else { throw new IllegalArgumentException("Unknown value of " + PERMISSIONS + " attribute " + s + ". Expected sandbox or all-permissions"); } } + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/manifest.html#permissions + */ + public String permissionsToString() { + String s = getAttribute(PERMISSIONS); + if (s == null) { + return "Not defined"; + } else if (s.trim().equalsIgnoreCase("sandbox")) { + return s.trim(); + } else if (s.trim().equalsIgnoreCase("all-permissions")) { + return s.trim(); + } else { + return "illegal"; + } + } /** * get custom attribute. @@ -997,16 +1016,16 @@ return ClasspathMatcher.ClasspathMatchers.compile(s); } - private Boolean processBooleanAttribute(String id) throws IllegalArgumentException { + private ManifestBoolean processBooleanAttribute(String id) throws IllegalArgumentException { String s = getAttribute(id); if (s == null) { - return null; + return ManifestBoolean.UNDEFINED; } else { - s = s.trim(); - if (s.equalsIgnoreCase("true") || s.equalsIgnoreCase("false")) { - //the Boolean is working like below, thats why the condition - //return ((name != null) && name.equalsIgnoreCase("true")); - return Boolean.parseBoolean(s); + s = s.toLowerCase().trim(); + if (s.equals("true")) { + return ManifestBoolean.TRUE; + } else if (s.equals("false")) { + return ManifestBoolean.FALSE; } else { throw new IllegalArgumentException("Unknown value of " + id + " attribute " + s + ". Expected true or false"); } diff -r f58e426ca958 netx/net/sourceforge/jnlp/resources/Messages.properties --- a/netx/net/sourceforge/jnlp/resources/Messages.properties Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/resources/Messages.properties Tue Mar 11 12:06:09 2014 +0100 @@ -17,6 +17,8 @@ ButDone=Done ButShowDetails=Show Details ButHideDetails=Hide Details +ButYes=Yes +ButNo=No CertWarnRunTip=Trust this applet and run with full permissions CertWarnSandboxTip=Do not trust this applet and run with restricted permissions @@ -46,6 +48,16 @@ AboutDialogueTabNews=News AboutDialogueTabGPLv2=GPLv2 +# missing permissions dialogue +MissingPermissionsMainTitle=Application {0} \ +form codebase {1} is missing the permissions attribute. \ +Applications without this attribute should not be trusted. Do you wish to allow this application to run? +MissingPermissionsInfo=For more information you can visit:
\ + \ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions
\ +and
\ +http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/no_redeploy.html + # LS - Severity LSMinor=Minor LSFatal=Fatal diff -r f58e426ca958 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java --- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Mar 11 12:06:09 2014 +0100 @@ -15,6 +15,7 @@ package net.sourceforge.jnlp.runtime; +import net.sourceforge.jnlp.JNLPFile.ManifestBoolean; import static net.sourceforge.jnlp.runtime.Translator.R; import java.io.File; @@ -289,6 +290,8 @@ checkCodebaseAttribute(); + checkPermissionsAttribute(); + installShutdownHooks(); @@ -2442,6 +2445,52 @@ } } + + /** + * http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#permissions + */ + public void checkPermissionsAttribute() throws LaunchException { + final ManifestBoolean permissions = file.getManifestsAttributes().isSandboxForced(); + AppletSecurityLevel level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + if (level == AppletSecurityLevel.ALLOW_UNSIGNED) { + OutputController.getLogger().log(OutputController.Level.WARNING_ALL, "Although 'permissions' attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' Your Extended applets security is at 'low', continuing"); + return; + } + switch (permissions) { + case UNDEFINED: { + if (level == AppletSecurityLevel.DENY_UNSIGNED) { + throw new LaunchException("Your Extended applets security is at 'Very high', and this application is missing the 'permissions' attribute in manifest. This is fatal"); + } + if (level == AppletSecurityLevel.ASK_UNSIGNED) { + boolean a = SecurityDialogs.showMissingPermissionsAttributeDialogue(file.getTitle(), file.getCodeBase()); + if (!a) { + throw new LaunchException("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have refused to run it."); + } else { + OutputController.getLogger().log("Your Extended applets security is at 'high' and this applicationis missing the 'permissions' attribute in manifest. And you have allowed to run it."); + } + } + //default for missing is sandbox + if (!SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is not specified, and application is requesting permissions. This is fatal"); + } + break; + } + case TRUE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + OutputController.getLogger().log("The permissions attribute of this application is " + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } else { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is '" + security.getSecurityType() + "'. This is fatal"); + } + } + case FALSE: { + if (SecurityDesc.SANDBOX_PERMISSIONS.equals(security.getSecurityType())) { + throw new LaunchException("The 'permissions' attribute is '" + file.getManifestsAttributes().permissionsToString() + "' but security is' " + security.getSecurityType() + "'. This is fatal"); + } else { + OutputController.getLogger().log("The permissions attribute of this application is '" + file.getManifestsAttributes().permissionsToString() + "' and security is '" + security.getSecurityType() + "'. Thats correct"); + } + } + } + } /* * Helper class to expose protected URLClassLoader methods. diff -r f58e426ca958 netx/net/sourceforge/jnlp/security/SecurityDialog.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialog.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialog.java Tue Mar 11 12:06:09 2014 +0100 @@ -37,6 +37,7 @@ package net.sourceforge.jnlp.security; +import net.sourceforge.jnlp.security.dialogs.MissingPermissionsAttributePanel; import net.sourceforge.jnlp.security.dialogs.AppletWarningPane; import net.sourceforge.jnlp.security.dialogs.AccessWarningPane; import net.sourceforge.jnlp.security.dialogs.NotAllSignedWarningPane; @@ -317,6 +318,8 @@ panel = new UnsignedAppletTrustWarningDialog(this, file); else if (dialogType == DialogType.AUTHENTICATION) panel = new PasswordAuthenticationPane(this, extras); + else if (dialogType == DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING) + panel = new MissingPermissionsAttributePanel(this, (String) extras[0], (String) extras[1]); add(panel, BorderLayout.CENTER); } diff -r f58e426ca958 netx/net/sourceforge/jnlp/security/SecurityDialogs.java --- a/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/SecurityDialogs.java Tue Mar 11 12:06:09 2014 +0100 @@ -41,6 +41,7 @@ import java.awt.event.WindowAdapter; import java.awt.event.WindowEvent; import java.net.NetPermission; +import java.net.URL; import java.security.AccessController; import java.security.PrivilegedAction; import java.util.concurrent.Semaphore; @@ -79,6 +80,7 @@ UNSIGNED_WARNING, /* requires confirmation with 'high-security' setting */ APPLET_WARNING, AUTHENTICATION, + UNSIGNED_EAS_NO_PERMISSIONS_WARNING /* when Extended applet security is at High Security and no permission attribute is find, */ } /** The types of access which may need user permission. */ @@ -286,6 +288,18 @@ } } + public static boolean showMissingPermissionsAttributeDialogue(String title, URL codeBase) { + + if (!shouldPromptUser()) { + return false; + } + + SecurityDialogMessage message = new SecurityDialogMessage(); + message.dialogType = DialogType.UNSIGNED_EAS_NO_PERMISSIONS_WARNING; + message.extras = new Object[]{title, codeBase.toExternalForm()}; + Object selectedValue = getUserResponse(message); + return SecurityDialogs.getIntegerResponseAsBoolean(selectedValue); + } /** * Posts the message to the SecurityThread and gets the response. Blocks * until a response has been recieved. It's safe to call this from an diff -r f58e426ca958 netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netx/net/sourceforge/jnlp/security/dialogs/MissingPermissionsAttributePanel.java Tue Mar 11 12:06:09 2014 +0100 @@ -0,0 +1,152 @@ +/* AppletWarningPane.java + Copyright (C) 2008 Red Hat, Inc. + + This file is part of IcedTea. + + IcedTea is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License as published by + the Free Software Foundation, version 2. + + IcedTea is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with IcedTea; see the file COPYING. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301 USA. + + Linking this library statically or dynamically with other modules is + making a combined work based on this library. Thus, the terms and + conditions of the GNU General Public License cover the whole + combination. + + As a special exception, the copyright holders of this library give you + permission to link this library with independent modules to produce an + executable, regardless of the license terms of these independent + modules, and to copy and distribute the resulting executable under + terms of your choice, provided that you also meet, for each linked + independent module, the terms and conditions of the license of that + module. An independent module is a module which is not derived from + or based on this library. If you modify this library, you may extend + this exception to your version of the library, but you are not + obligated to do so. If you do not wish to do so, delete this + exception statement from your version. + */ +package net.sourceforge.jnlp.security.dialogs; + +import java.awt.BorderLayout; +import java.awt.Color; +import java.awt.Desktop; +import java.awt.Dimension; +import java.awt.FlowLayout; +import java.awt.Font; +import java.awt.Image; +import java.io.IOException; +import java.net.URISyntaxException; +import java.net.URL; +import javax.imageio.ImageIO; + +import javax.swing.BorderFactory; +import javax.swing.BoxLayout; +import javax.swing.ImageIcon; +import javax.swing.JButton; +import javax.swing.JEditorPane; +import javax.swing.JFrame; +import javax.swing.JLabel; +import javax.swing.JPanel; +import javax.swing.SwingConstants; +import javax.swing.event.HyperlinkEvent; +import javax.swing.event.HyperlinkListener; +import net.sourceforge.jnlp.runtime.Translator; +import net.sourceforge.jnlp.security.SecurityDialog; +import net.sourceforge.jnlp.util.logging.OutputController; + +public class MissingPermissionsAttributePanel extends SecurityDialogPanel { + + public MissingPermissionsAttributePanel(SecurityDialog x, String title, String codebase) { + super(x); + try { + addComponents(title, codebase); + } catch (Exception ex) { + throw new RuntimeException(ex); + } + if (x != null) { + x.setMinimumSize(new Dimension(400, 300)); + } + } + + protected final void addComponents(String title, String codebase) throws IOException { + + URL imgUrl = this.getClass().getResource("/net/sourceforge/jnlp/resources/warning.png"); + ImageIcon icon = null; + Image img = ImageIO.read(imgUrl); + icon = new ImageIcon(img); + String topLabelText = Translator.R("MissingPermissionsMainTitle", title, codebase); + String bottomLabelText = Translator.R("MissingPermissionsInfo"); + + JLabel topLabel = new JLabel(htmlWrap(topLabelText), icon, SwingConstants.CENTER); + topLabel.setFont(new Font(topLabel.getFont().toString(), + Font.BOLD, 12)); + JPanel topPanel = new JPanel(new BorderLayout()); + topPanel.setBackground(Color.WHITE); + topPanel.add(topLabel, BorderLayout.CENTER); + topPanel.setPreferredSize(new Dimension(400, 80)); + topPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + + JEditorPane bottomLabel = new JEditorPane("text/html", htmlWrap(bottomLabelText)); + bottomLabel.setEditable(false); + bottomLabel.addHyperlinkListener(new HyperlinkListener() { + @Override + public void hyperlinkUpdate(HyperlinkEvent e) { + try { + if (e.getEventType() == HyperlinkEvent.EventType.ACTIVATED) { + Desktop.getDesktop().browse(e.getURL().toURI()); + } + } catch (IOException ex) { + OutputController.getLogger().log(ex); + } catch (URISyntaxException ex) { + OutputController.getLogger().log(ex); + } + } + }); + JPanel infoPanel = new JPanel(new BorderLayout()); + infoPanel.add(bottomLabel, BorderLayout.CENTER); + infoPanel.setPreferredSize(new Dimension(400, 80)); + infoPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + bottomLabel.setBackground(infoPanel.getBackground()); + + //run and cancel buttons + JPanel buttonPanel = new JPanel(new FlowLayout(FlowLayout.RIGHT)); + + JButton yes = new JButton(Translator.R("ButYes")); + JButton no = new JButton(Translator.R("ButNo")); + int buttonWidth = yes.getMinimumSize().width; + int buttonHeight = yes.getMinimumSize().height; + Dimension d = new Dimension(buttonWidth, buttonHeight); + yes.setPreferredSize(d); + no.setPreferredSize(d); + yes.addActionListener(createSetValueListener(parent, 0)); + no.addActionListener(createSetValueListener(parent, 1)); + initialFocusComponent = no; + buttonPanel.add(yes); + buttonPanel.add(no); + buttonPanel.setBorder(BorderFactory.createEmptyBorder(10, 10, 10, 10)); + //all of the above + setLayout(new BoxLayout(this, BoxLayout.Y_AXIS)); + add(topPanel); + add(infoPanel); + add(buttonPanel); + + } + + public static void main(String[] args) { + MissingPermissionsAttributePanel w = new MissingPermissionsAttributePanel(null, "HelloWorld", "http://nbblah.url"); + JFrame f = new JFrame(); + f.setSize(400, 300); + f.add(w, BorderLayout.CENTER); + f.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); + f.setVisible(true); + } +} diff -r f58e426ca958 netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java --- a/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java Mon Mar 10 16:30:44 2014 -0400 +++ b/netx/net/sourceforge/jnlp/security/dialogs/SecurityDialogPanel.java Tue Mar 11 12:06:09 2014 +0100 @@ -53,7 +53,7 @@ protected SecurityDialog parent; - JComponent initialFocusComponent = null; + protected JComponent initialFocusComponent = null; CertVerifier certVerifier = null; diff -r f58e426ca958 tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Mon Mar 10 16:30:44 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/CodeBaseClassLoaderTest.java Tue Mar 11 12:06:09 2014 +0100 @@ -53,12 +53,30 @@ import net.sourceforge.jnlp.runtime.JNLPClassLoader.CodeBaseClassLoader; import net.sourceforge.jnlp.annotations.Bug; import net.sourceforge.jnlp.annotations.Remote; +import net.sourceforge.jnlp.config.DeploymentConfiguration; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; +import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.Test; -public class CodeBaseClassLoaderTest { +public class CodeBaseClassLoaderTest extends NoStdOutErrTest { + + private static AppletSecurityLevel level; + + @BeforeClass + public static void setPermissions() { + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); + } + + @AfterClass + public static void resetPermissions() { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); + } private static final String isWSA = "isWebstartApplication"; diff -r f58e426ca958 tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java --- a/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java Mon Mar 10 16:30:44 2014 -0400 +++ b/tests/netx/unit/net/sourceforge/jnlp/runtime/JNLPFileTest.java Tue Mar 11 12:06:09 2014 +0100 @@ -45,14 +45,33 @@ import net.sourceforge.jnlp.InformationDesc; import net.sourceforge.jnlp.JNLPFile; import net.sourceforge.jnlp.cache.UpdatePolicy; +import net.sourceforge.jnlp.config.DeploymentConfiguration; import net.sourceforge.jnlp.mock.DummyJNLPFileWithJar; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletSecurityLevel; +import net.sourceforge.jnlp.security.appletextendedsecurity.AppletStartupSecuritySettings; import net.sourceforge.jnlp.util.FileTestUtils; import net.sourceforge.jnlp.util.logging.NoStdOutErrTest; +import org.junit.AfterClass; import org.junit.Assert; +import org.junit.BeforeClass; import org.junit.Test; public class JNLPFileTest extends NoStdOutErrTest { + private static AppletSecurityLevel level; + + @BeforeClass + public static void setPermissions() { + level = AppletStartupSecuritySettings.getInstance().getSecurityLevel(); + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, AppletSecurityLevel.ALLOW_UNSIGNED.toChars()); + } + + @AfterClass + public static void resetPermissions() { + JNLPRuntime.getConfiguration().setProperty(DeploymentConfiguration.KEY_SECURITY_LEVEL, level.toChars()); + } + + @Test public void newSecurityAttributesTestNotSet() throws Exception { //oreder is tested in removeTitle @@ -83,9 +102,9 @@ Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().getApplicationLibraryAllowableCodebase()); Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().getCallerAllowableCodebase()); Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().getCodebase()); - Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().isSandboxForced()); - Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().isTrustedLibrary()); - Assert.assertNull("classlaoder attached, but should be null", jnlpFile.getManifestsAttributes().isTrustedOnly()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isSandboxForced()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isTrustedLibrary()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isTrustedOnly()); } @Test @@ -135,15 +154,22 @@ Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().getApplicationLibraryAllowableCodebase()); Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().getCallerAllowableCodebase()); Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().getCodebase()); - Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().isSandboxForced()); - Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().isTrustedLibrary()); - Assert.assertNull("no classlaoder attached, should be null", jnlpFile.getManifestsAttributes().isTrustedOnly()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isSandboxForced()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isTrustedLibrary()); + Assert.assertEquals("no classlaoder attached, should be null", JNLPFile.ManifestBoolean.UNDEFINED, jnlpFile.getManifestsAttributes().isTrustedOnly()); final JNLPClassLoader classLoader = new JNLPClassLoader(jnlpFile, UpdatePolicy.ALWAYS); //jnlp file got its instance in classlaoders constructor //jnlpFile.getManifestsAttributes().setLoader(classLoader); - final JNLPClassLoader errorClassLoader = new JNLPClassLoader(errorJnlpFile, UpdatePolicy.ALWAYS);//jnlp file got its instance in classlaoders constructor - //errorJnlpFile.getManifestsAttributes().setLoader(errorClassLoader); + Exception ex = null; + try { + final JNLPClassLoader errorClassLoader = new JNLPClassLoader(errorJnlpFile, UpdatePolicy.ALWAYS);//jnlp file got its instance in classlaoders constructor + //errorJnlpFile.getManifestsAttributes().setLoader(errorClassLoader); + } catch (Exception e){ + //correct exception + ex = e; + } + Assert.assertNotNull(ex); Assert.assertEquals("DummyClass1 title", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.APP_NAME))); Assert.assertEquals("*.com https://*.cz", jnlpFile.getManifestsAttributes().getAttribute(new Attributes.Name(JNLPFile.ManifestsAttributes.APP_LIBRARY_ALLOWABLE))); @@ -175,11 +201,11 @@ Assert.assertEquals(true, jnlpFile.getManifestsAttributes().getCodebase().matches(new URL("ftp://aa.bb.net"))); Assert.assertEquals(true, jnlpFile.getManifestsAttributes().getCodebase().matches(new URL("https://x.net"))); Assert.assertEquals(false, jnlpFile.getManifestsAttributes().getCodebase().matches(new URL("http://aa.bb/com"))); - Assert.assertEquals(true, jnlpFile.getManifestsAttributes().isSandboxForced()); - Assert.assertEquals(false, jnlpFile.getManifestsAttributes().isTrustedLibrary()); - Assert.assertEquals(false, jnlpFile.getManifestsAttributes().isTrustedOnly()); + Assert.assertEquals(JNLPFile.ManifestBoolean.TRUE, jnlpFile.getManifestsAttributes().isSandboxForced()); + Assert.assertEquals(JNLPFile.ManifestBoolean.FALSE, jnlpFile.getManifestsAttributes().isTrustedLibrary()); + Assert.assertEquals(JNLPFile.ManifestBoolean.FALSE, jnlpFile.getManifestsAttributes().isTrustedOnly()); - Exception ex = null; + ex = null; try { errorJnlpFile.getManifestsAttributes().isSandboxForced(); } catch (Exception e) {