[pve-devel] new vnc 1.2 works fine now with http://fqdn....
Alexandre DERUMIER
aderumier at odiso.com
Sat Apr 20 17:43:21 CEST 2013
Works fine here too ! Thanks !
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Samedi 20 Avril 2013 16:14:28
Objet: RE: [pve-devel] new vnc 1.2 works fine now with http://fqdn....
Hi Alexandre,
that really solved the problem - please can you verify:
https://git.proxmox.com/?p=vncterm.git;a=summary
Many thanks for finding this!
Besides, I still do not understand how that improves security.
> -----Original Message-----
> From: Alexandre DERUMIER [mailto:aderumier at odiso.com]
> Sent: Samstag, 20. April 2013 09:03
> To: Dietmar Maurer
> Cc: pve-devel at pve.proxmox.com
> Subject: Re: [pve-devel] new vnc 1.2 works fine now with http://fqdn....
>
> If I understand, it seem that the problem is that we interact from extjs javascript
> (unsigned code) with vnc java console (signed code).
>
> Maybe adding "Trusted-Library: true " to VncViewer.jar manifest.mf could help ?
>
>
> ----- Mail original -----
>
> De: "Alexandre DERUMIER" <aderumier at odiso.com>
> À: "Dietmar Maurer" <dietmar at proxmox.com>
> Cc: pve-devel at pve.proxmox.com
> Envoyé: Samedi 20 Avril 2013 08:56:29
> Objet: Re: [pve-devel] new vnc 1.2 works fine now with http://fqdn....
>
> I found this on the net:
>
> "
> Java 7 Update 21 was released on April 16 2013 and caused our applet to start
> showing this warning dialog.
>
> Per the release notes: As of JDK 7u21, JavaScript code that calls code within a
> privileged applet is treated as mixed code and warning dialogs are raised if the
> signed JAR files are not tagged with the Trusted-Library attribute.
>
> To fix this edit your manifest.mf file and add a line like this:
>
> Trusted-Library: true
> You should be very careful before doing this though. If your signed applet can be
> called from javascript then a malicious user can potentially do harmful things on
> your users' computers.
>
> One quick way to secure your applet is to prevent it from being run on other
> websites. Do this by putting code in the init() method that looks at
> getCodeBase().getHost() and throws an exception if it does not match your site.
> "
>
> ----- Mail original -----
>
> De: "Dietmar Maurer" <dietmar at proxmox.com>
> À: "Alexandre DERUMIER" <aderumier at odiso.com>
> Cc: pve-devel at pve.proxmox.com
> Envoyé: Vendredi 19 Avril 2013 18:10:12
> Objet: RE: [pve-devel] new vnc 1.2 works fine now with http://fqdn....
>
> > Oops, sorry, It's work fine after unblock, my vm was not started ;)
> >
> > Don't known why all the code is not signed....
>
> Our Applet is signed, but seem that oracle does not like our certificate.
> You can even install the CA as trusted CA, does not help.
>
> But you can set java "Mixed Code" option to
>
> "hide warning and run with protections"
>
> IMHO, oracle does not really know what they do.
> I mean, if a user wants to trust in something , why does he need to answer that
> question again and again?
>
> And why is the code mixed? (I sign the whole applet?)
>
> Any insights are welcome.
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list