On 03/10/2011 12:02 AM, Neil Richards wrote:
On 1 March 2011 09:18, Chris Hegarty<chris.hega...@oracle.com> wrote:
Michael,
Can you please take a look at this change, CR 7021280: "SocketPermission
trustProxy should accept wildcards".
This patch came from Charles (cc'ed), and I agree with the changes. Can you
please take a look and give your feedback.
http://cr.openjdk.java.net/~chegar/7021280/webrev.00/webrev/
-Chris.
In the suggested fix, I see that the comparison becomes
'thatHost.endsWith(this.cname)' if 'this.wildcard' is 'true'.
Prior to the change, the comparison was (always)
'thisHost.equalsIgnoreCase(thatHost)'.
So, on the surface, it looks like a case-insensitive comparison -
String.equalsIgnoreCase() - has been replaced (when 'this.wildcard' is
'true') with a case-sensitive comparison - String.endsWith().
Is there a reason why this change in case sensitivity is not a problem
in this instance, or does the suggested fix need to be reworked to
make the new comparison (also) case-insensitive ?
- Neil
--
Unless stated above:
IBM email: neil_richards at uk.ibm.com
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
Hi Neil,
With a quick search in the SocketPermission using "cname =" as search
word, cname always seems to be lower cases. But hostname does not. It
may need some rework on the patch.
And more, every place where cname compare with another cname should use
normal equalsTo (equalsIgnoreCase is not needed). Every place where
getName and hostname is involved should use case-insensitive comparison.
Any opinion, Neil and Chris?
