Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8039039

ESL does not work well if the html/applet's jar is located at 3rd-party site.

    Details

      Description

      Step to reproduce:
      1. install 8u5b13 on windows7-x86/chrome (I think other configs have the same issue anyway)
      2. config your proxy so that you could access http://docs.oracle.com/ (you could also switch off ocsp/crl check so that applet could be loaded faster)
      3. access page http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/stephen/deployment_stuff/do.NOT.remove.me/sqe-rb/new_framework/13961/UserDecisionPersistence/html/SecondApplet_testMulitpleUnsignedApplets_DifferentHosts.html
      4. note the page itself is located at sqeweb.us.oracle.com but applet jar is actually http://docs.oracle.com/javase/tutorial/deployment/applet/examples/dist/applet_HelloWorld/applet_HelloWorld.jar which is valid CA signed.
      5. accept the valid ca cert dialog, the applet should be loaded fine then.

      6. Now clear cache and then add http://sqeweb.us.oracle.com into ESL via JCP.
      7. access the page again
      8. If the applet gets blocked with message below, then the issue is reproduced (screenshot attached), then the issue is reproduced.
      ==========
      The application was blocked even though the host site of the html file at: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/stephen/deployment_stuff/do.NOT.remove.me/sqe-rb/new_framework/13961/UserDecisionPersistence/html/SecondApplet_testMulitpleUnsignedApplets_DifferentHosts.html is included in the Exception Site List because the application refers to resources on multiple domains.
      The jar file at http://docs.oracle.com/javase/tutorial/deployment/applet/examples/dist/applet_HelloWorld/applet_HelloWorld.jar is on a different domain and is not also included on the Exception Site List.
      basic: The application was blocked even though the host site of the html file at: http://sqeweb.us.oracle.com/net/sqenfs-1/export1/comp/jsn/users/stephen/deployment_stuff/do.NOT.remove.me/sqe-rb/new_framework/13961/UserDecisionPersistence/html/SecondApplet_testMulitpleUnsignedApplets_DifferentHosts.html is included in the Exception Site List because the application refers to resources on multiple domains.
      The jar file at http://docs.oracle.com/javase/tutorial/deployment/applet/examples/dist/applet_HelloWorld/applet_HelloWorld.jar is on a different domain and is not also included on the Exception Site List.
      ===========

      There are two issues here
      1. the blocking dialog's title is "Application blocked by Deployment Rule Set" but there's no DRS defined at all.
      2. This doesn't make sense that after we added something to ESL, then apps that could be loaded before can no longer be loaded now.

        Attachments

          Activity

            People

            • Assignee:
              herrick Andy Herrick
              Reporter:
              stephenh Stephen Hu (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: