JDK-6212945 : Javaplugin crashed with a spoofed mozilla's useragent string
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 5.0
  • Priority: P3
  • Status: Closed
  • Resolution: Not an Issue
  • OS: generic
  • CPU: generic
  • Submitted: 2004-12-29
  • Updated: 2010-04-02
  • Resolved: 2005-06-27
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 6
6Resolved
Description
Java plugin easily crashed if the user changed mozilla's useragent string to something else other than the default one. More detail please see:

https://bugzilla.mozilla.org/show_bug.cgi?id=83376

Since the java plugin libraries have already been loaded into memory, java plugin should be able to know which version of browser it is working with. No need borthering to parse the useragent string to get such information.
###@###.### 2004-12-29 09:10:20 GMT

Comments
EVALUATION Reassign. ###@###.### 2005-06-09 09:00:06 GMT it's not a bug on Java plugin side. browser should provide plugin real UA for plugin to work no matter whether UA string is overriden by end users. it's the contract between browser and plugin. the following document is from Netscape Geoko Plug-in API reference for NPN_UserAgent() Description The user agent is the part of the HTTP header that identifies the browser during transfers. You can use this information to verify that the expected browser is in use, or you can use it in combination with NPN_Version to supply different code for different versions of Netscape browsers. ###@###.### 2005-06-27 05:34:08 GMT
09-06-2005