Change Log for the Java Network Launching Protocol and API specification, v1.0
Send comments to: jnlp-comments@eng.sun.com
ACCEPTED
- Update the restricted environment to include the AWT permission
"accessEventQueue".
Justification:
- To ensure backwards compatible with the Applet sandbox,
which grants this permission.
- AWT requires this permission to work correctly. Methods such
as Frame.setVisible and SwingUtilities.invokeLater
does not work in certain corner-case situations if the permission
is not granted.
- Does not break compatibility with 1.0 specification
Issues:
A JNLP Client must ensure that the implementation of the JNLP
services are secure. For example, if a JNLP Client restricts access
to the clipboard by displaying a security advisor dialog, then the JNLP
Client must ensure that this dialog cannot be programmatically closed by,
e.g., posting events to the event queue. The specification will be updated
to describe this issue.
Availability:
- Section 3.4: Clarify that URLs used in a JNLP file must properly
encode all characters. A URL that contains special characters, such
as a percent sign (%) or a space must encode these characters as,
e.g., %25 and %20, respectivly. (Section 6.1.1 describes the character
encoding rules for a URL.)
Justification:
- This is a clarification. No change in behavior.
- Section 4.4: The example incorrectly uses the kind attribute. It should
be the download attribute.
Justification:
- This is a typo in 1.0 specification.
- Section B.3: Clarify that the index file uses the remove command. The
section incorrectly talks about the delete command in one place.
Justification:
- This is a typo in 1.0 specification.
DEFERRED
|
Print-friendly Version
