JDK-4800036 : URL redirect bug still exists in 1.4.1
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 1.4.1_01
  • Priority: P4
  • Status: Closed
  • Resolution: Cannot Reproduce
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2003-01-08
  • Updated: 2003-06-10
  • Resolved: 2003-06-10
Description

Name: gm110360			Date: 01/08/2003


FULL PRODUCT VERSION :
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.1_01-b01)
Java HotSpot(TM) Client VM (build 1.4.1_01-b01, mixed mode)

FULL OPERATING SYSTEM VERSION :
XP PL SP 1, JRE 1.4.1_01

ADDITIONAL OPERATING SYSTEMS :
none


A DESCRIPTION OF THE PROBLEM :
bug 4559313 has been closed, but still exists..

Trace level set to 5: basic, net, security, ext, liveconnect
... completed.

Ping the proxy server 126.17.71.27 on port 3 128

Connecting
https://planet.fortisbanking.com.pl/client/security/applets/HashPassword.zip
with proxy=126.17.71.27:3128

Connecting
https://planet.fortisbanking.com.pl/client/security/applets/HashPassword.zip
with cookie "JSESSIONID=00001B104HV5ESZUXBJ0S0DCHIY:u66v8sgl"

Loading Root CA certificates from
C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts

Loaded Root CA certificates from
C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts

Loading Https Root CA certificates from
C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\jssecacerts

Https Root CA certificates file not found:

Loaded Https Root CA certificates from
C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\jssecacerts

Loading JPI Https certificates from C:\Documents and
Settings\ml_340\.java\jpihttpscerts141_01

Loaded JPI Https certificates from C:\Documents and
Settings\ml_340\.java\jpihttpscerts141_01

Loading certificates from JPI session certificate store

Loaded certificates from JPI session certificate store

Checking if certificate is in JPI session certificate store

Checking if Https certificate is in JPI permanent
certificate store

java.lang.SecurityException: illegal URL redirect

	at
sun.plugin.net.protocol.http.HttpUtils.followRedirects(Unknown
Source)

	at sun.plugin.cache.CachedJarLoader.download(Unknown Source)

	at sun.plugin.cache.CachedJarLoader.load(Unknown Source)

	at sun.plugin.cache.JarCache.get(Unknown Source)

	at
sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown
Source)

	at
sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown
Source)

	at sun.misc.URLClassPath$JarLoader.getJarFile(Unknown Source)

	at sun.misc.URLClassPath$JarLoader.<init>(Unknown Source)

	at sun.misc.URLClassPath$3.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at sun.misc.URLClassPath.getLoader(Unknown Source)

	at sun.misc.URLClassPath.getLoader(Unknown Source)

	at sun.misc.URLClassPath.getResource(Unknown Source)

	at java.net.URLClassLoader$1.run(Unknown Source)

	at java.security.AccessController.doPrivileged(Native Method)

	at java.net.URLClassLoader.findClass(Unknown Source)

	at sun.applet.AppletClassLoader.findClass(Unknown Source)

	at sun.plugin.security.PluginClassLoader.findClass(Unknown
Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at sun.applet.AppletClassLoader.loadClass(Unknown Source)

	at java.lang.ClassLoader.loadClass(Unknown Source)

	at sun.applet.AppletClassLoader.loadCode(Unknown Source)

	at sun.applet.AppletPanel.createApplet(Unknown Source)

	at sun.plugin.AppletViewer.createApplet(Unknown Source)

	at sun.applet.AppletPanel.runLoader(Unknown Source)

	at sun.applet.AppletPanel.run(Unknown Source)

	at java.lang.Thread.run(Unknown Source)

Exception: java.lang.SecurityException: illegal URL redirect

Stopping applet ...

Unregistered modality listener

Joining applet thread ...

Destroying applet ...

Disposing applet ...

Quiting applet ...

Joined applet thread ...

Registered modality listener

Finding information ...

Releasing classloader: sun.plugin.ClassLoaderInfo@df0438,
refcount=0

Caching classloader: sun.plugin.ClassLoaderInfo@df0438

Current classloader cache size: 1

Done ...


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1.planet.fortisbanking.pl
2.
3.

REPRODUCIBILITY :
This bug can be reproduced always.
(Review ID: 179323) 
======================================================================

Comments
EVALUATION planet.fortisbanking.pl and planet.fortisbanking.com.pl are NOT accessible. www.fortisbanking.com.pl is accessible, could not find the page contains the applet. Please provide correct information and detail steps to reproduce. Even #4559313 testcase is no longer exits. ###@###.### 2003-01-09 Streaming http://www.blogs4god.com/ does cause exception from http redirect code in 1.4.1, exception stack as follow: java.net.MalformedURLException: no protocol: /linker/index.php at java.net.URL.<init>(Unknown Source) at java.net.URL.<init>(Unknown Source) at java.net.URL.<init>(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at sun.plugin.net.protocol.http.HttpURLConnection.getInputStream(Unknown Source) at java.net.URL.openStream(Unknown Source) at RedirectApplet.testRedirect(RedirectApplet.java:19) at RedirectApplet.start(RedirectApplet.java:12) at sun.applet.AppletPanel.run(Unknown Source) at java.lang.Thread.run(Unknown Source) This exception can not be reproduced in 1.4.2. close bug as not reproducible. ###@###.### 2003-06-10
10-06-2003