Change Log for the Java Network Launching Protocol and API specification, v1.0

ACCEPTED

• Update the restricted environment to include the AWT permission "accessEventQueue".

  Justification:

  • To ensure backwards compatible with the Applet sandbox, which grants this permission.
  • AWT requires this permission to work correctly. Methods such as Frame.setVisible and SwingUtilities.invokeLater does not work in certain corner-case situations if the permission is not granted.
  • Does not break compatibility with 1.0 specification

  Issues:

  A JNLP Client must ensure that the implementation of the JNLP services are secure. For example, if a JNLP Client restricts access to the clipboard by displaying a security advisor dialog, then the JNLP Client must ensure that this dialog cannot be programmatically closed by, e.g., posting events to the event queue. The specification will be updated to describe this issue.

  Availability:

  Java Web Start 1.0.1 early-access implementations this change.

• Section 3.4: Clarify that URLs used in a JNLP file must properly encode all characters. A URL that contains special characters, such as a percent sign (%) or a space must encode these characters as, e.g., %25 and %20, respectivly. (Section 6.1.1 describes the character encoding rules for a URL.)

  Justification:

  • This is a clarification. No change in behavior.
• Section 4.4: The example incorrectly uses the kind attribute. It should be the download attribute.

  Justification:

  • This is a typo in 1.0 specification.
• Section B.3: Clarify that the index file uses the remove command. The section incorrectly talks about the delete command in one place.

  Justification:

  • This is a typo in 1.0 specification.

DEFERRED

• None