On Thu, 6 Mar 2025 10:24:13 GMT, Michael McMahon <micha...@openjdk.org> wrote:
> Hi, > > Enhanced exception messages are designed to hide sensitive information such > as hostnames, IP > addresses from exception message strings, unless the enhanced mode for the > specific category > has been explicitly enabled. Enhanced exceptions were first introduced in > 8204233 in JDK 11 and > updated in 8207846. > > This PR aims to increase the coverage of enhanced exception messages in the > networking code. > A limited number of exceptions are already hidden (restricted) by default. > The new categories and > exceptions in this PR will be restricted on an opt-in basis, ie. the default > mode will be enhanced > (while preserving the existing behavior). > > The mechanism is controlled by the security/system property > "jdk.includeInExceptions" which takes as value > a comma separated list of category names, which identify groups of exceptions > where the exception > message may be enhanced. Any category not listed is "restricted" which means > that potentially > sensitive information (such as hostnames, IP addresses, user identities) are > excluded from the message text. > > The changes to the java.security conf file describe the exact changes in > terms of the categories now > supported and any changes in behavior. > > Thanks, > Michael This pull request has now been integrated. Changeset: b6f827ef Author: Michael McMahon <micha...@openjdk.org> URL: https://git.openjdk.org/jdk/commit/b6f827ef054959662190e21ce63fc3d3c45b92f3 Stats: 984 lines in 47 files changed: 709 ins; 101 del; 174 mod 8348986: Improve coverage of enhanced exception messages Reviewed-by: dfuchs ------------- PR: https://git.openjdk.org/jdk/pull/23929
