JDK-8172352 : [macosx] dragging "text/uri-list" data flavor leads to Safari crash and system instability
  • Type: Bug
  • Component: client-libs
  • Sub-Component: java.awt
  • Affected Version: 8u112,9
  • Priority: P5
  • Status: Open
  • Resolution: Unresolved
  • OS: os_x
  • Submitted: 2017-01-06
  • Updated: 2019-03-23
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
tbdUnresolved
Related Reports
Relates :  
JDK-8136763 - [macosx] java always returns only one value for "text/uri-list" dataflavor even if several files were copied
Relates :  
JDK-8160941 - "text/uri-list" dataflavor concats the first two strings
Description
On OS X 10.10.5, when dragging a transfer object "http://www.cnn.com/\r\n" as type "text/uri-list" to Safari, Safari crashes and the system becomes unstable (programs don't start or stop anymore, webpages don't open, etc.)

When omitting the CRLF, i.e. using "http://www.cnn.com/" this works as expected. However, https://tools.ietf.org/html/rfc2483 specifies in ��5:

"As for all text/* formats, lines are terminated with a CRLF pair."

I interpret this to mean that any line may be terminated with a CRLF, regardless of whether something follows or not. And even if the data was malformed somehow, a simple drag should never cause systemwide problems. Therefore we have to be more careful with what we pass to the system.

To reproduce, start the attached file and drag the label to an open Safari pane. The issue can be reproduced reliable with 8u112 and 9-ea+151.

In the console, you will see messages like this:

2017-01-06 11:33:50.471 java[950:28149] __CFPasteboardIssueSandboxExtensionForPath : sandbox extension creation failed: caller requested extension for path that could not be resolved to an absolute path: [http://www.cnn.com/
]
2017-01-06 11:33:50.472 java[950:28016] __CFPasteboardIssueSandboxExtensionForPath : sandbox extension creation failed: caller requested extension for path that could not be resolved to an absolute path: [/
]
2017-01-06 11:33:50.472 java[950:28016] __CFPasteboardCreateSandboxExtensionDataFromCFData : failed to obtain sandbox extension data for url [http://www.cnn.com/%0D%0A]

Workaround:
Make sure not to end a single line uri-list with CRLF.
Comments
It would be good to write a Cocoa application which transfers data to the native system in the same way as it is done in JDK and check that dragging a transfer object to the Safari also leads to crash. If so, the bug report should be filled in Apple bug system: https://bugreport.apple.com Otherwise, it should be checked which data and in which order is sent.
19-01-2017
If this is a desirable fixture and not reproducible otherwise apart from only on Safari, this should not be a P3 issue. Considering the inputs received in the comments section, this issue according to ILW = LMM = P5 I=L : Impact is that the URL is not accepted with annotations for Safari and shows an error page. No epic impact. L=M: The defect is encountered only when using annotations like \r or \n and that too only on Safari browser albeit can be consistently reproduced in that specific use case only. W=M: Workaround exists as URL can be modified to not collide with contention for special annotations and albeit maybe a cumbersome process to do, it is very much possible.
19-01-2017
It's to be expected that text editors never have a problem with CRLF. In any case. Instead of blaming Safari, perhaps it's more robust and desirable ("defensive programming") to make sure it simply works. It seems to me that that could be as easy as calling trim() on the passed URI list.
19-01-2017
Tried the following approach: Instead of dragging onto the browser, Did a drag and drop onto "Notes" application. The URL that is mentioned in test case is pasted. Tried the same with textEdit application. Same result. Also works fine with other browsers apart from Safari. Seems like this is an isolated problem in the way it is handling the URL. Seems like an external issue. Further analysis required.
19-01-2017
Thanks for trying again. Appreciated. The instability I observed was not being able to start new programs. I.e. the whole system never crashed, but in essence I had to reboot the system so that I could continue working. Perhaps you can reproduce this part as well, if you restart Safari and repeat the procedure.
09-01-2017
After you tried to reproduce this: Does your system work reliably?
09-01-2017
Issue is not completely reproducible as per the description with the attached code. Crash not observed, but the error message was generated on the console. Tried with: OS X 10.10.5 Java version 9-ea+151-client-nightly-h5926-20170104 Safari version 9.1.2
09-01-2017
Sorry. Able to reproduce the issue now after dropping the url on the safari browser pane. But the system works reliably after the crash. Hence issue is reproducible as per the description: Safari browser crash observed Error message generated on the console
09-01-2017