Bug ID: JDK-7183263 Regression: crossdomain.xml with dtd doesn't work

Type: Bug
Component: deploy
Sub-Component: deployment_toolkit
Affected Version: 6u33,7u5

Priority: P2
Status: Closed
Resolution: Fixed
OS: windows,windows_7
CPU: x86

Submitted: 2012-07-11
Updated: 2014-07-21
Resolved: 2012-07-25

JDK 6	JDK 7	JDK 8
6u37Fixed	7u6Fixed	8 b49Fixed

The issue is similar to 7175548 in case crossdomain.xml contains DTD (as it should). The example of such files are twitter.con and flickr.com
In the 07/16 7u6 Triage - Igor asked that we makre this as NMI and he will come back tomorrow with a recommendation.

Verified with jre8 b118. With the same manual case, it behaves normally. Those are the related trace: network: CleanupThread used 8 us network: Downloading resource: http://farm6.staticflickr.com:80/crossdomain.xml Content-Length: 265 Content-Encoding: null network: Wrote URL http://farm6.staticflickr.com:80/crossdomain.xml to File C:\Users\javafx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\4ff55e0a-23a976ed-temp network: CleanupThread used 9 us cache: Adding MemoryCache entry: http://farm6.staticflickr.com:80/crossdomain.xml network: Cache entry not found [url: http://farm3.staticflickr.com:80/crossdomain.xml, version: null] network: Connecting http://farm3.staticflickr.com:80/crossdomain.xml with proxy=HTTP @ cn-proxy.sg.oracle.com/140.83.73.9:80 network: CleanupThread used 8 us network: Downloading resource: http://farm3.staticflickr.com:80/crossdomain.xml Content-Length: 265 Content-Encoding: null network: Wrote URL http://farm3.staticflickr.com:80/crossdomain.xml to File C:\Users\javafx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\43ac05f4-56e6d875-temp network: CleanupThread used 9 us cache: Adding MemoryCache entry: http://farm3.staticflickr.com:80/crossdomain.xml network: Cache entry not found [url: http://farm4.staticflickr.com:80/crossdomain.xml, version: null] network: Connecting http://farm4.staticflickr.com:80/crossdomain.xml with proxy=HTTP @ cn-proxy.sg.oracle.com/140.83.73.9:80 network: CleanupThread used 17 us network: Downloading resource: http://farm6.staticflickr.com/5130/5382690376_de6cd91e8a_m.jpg Content-Length: 15,211 Content-Encoding: null network: Wrote URL http://farm6.staticflickr.com/5130/5382690376_de6cd91e8a_m.jpg to File C:\Users\javafx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\419e8d88-57746399-temp network: CleanupThread used 9 us cache: Adding MemoryCache entry: http://farm6.staticflickr.com/5130/5382690376_de6cd91e8a_m.jpg basic: JNLP2ClassLoader.findClass: photostrip.PhotoResource$1: try again .. basic: JNLP2ClassLoader.findClass: photostrip.PhotoResource$1$1: try again .. done loading: http://farm6.staticflickr.com/5130/5382690376_de6cd91e8a_m.jpg = BufferedImage@2c5c94: type = 2 DirectColorModel: rmask=ff0000 gmask=ff00 bmask=ff amask=ff000000 IntegerInterleavedRaster: width = 240 height = 180 #Bands = 4 xOff = 0 yOff = 0 dataOffset[0] 0 network: CleanupThread used 9 us network: Downloading resource: http://farm4.staticflickr.com:80/crossdomain.xml Content-Length: 265 Content-Encoding: null network: Wrote URL http://farm4.staticflickr.com:80/crossdomain.xml to File C:\Users\javafx\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\47b62a18-53a56c78-temp network: CleanupThread used 14 us cache: Adding MemoryCache entry: http://farm4.staticflickr.com:80/crossdomain.xml network: CleanupThread used 8 us network: Downloading resource: http://farm6.staticflickr.com/5221/5652515102_34cc2312de_m.jpg Content-Length: 9,668 Content-Encoding: null

09-12-2013

EVALUATION Work around fix is to disable use of DTD since security manager can't load DTD from 3rd party site (ref: http://www.isocra.com/2006/05/making-xerces-ignore-a-dtd/)

18-07-2012