On Fri, 30 May 2025 10:44:11 GMT, Michael McMahon <[email protected]> wrote:
>> Hi,
>>
>> Enhanced exception messages are designed to hide sensitive information such
>> as hostnames, IP
>> addresses from exception message strings, unless the enhanced mode for the
>> specific category
>> has been explicitly enabled. Enhanced exceptions were first introduced in
>> 8204233 in JDK 11 and
>> updated in 8207846.
>>
>> This PR aims to increase the coverage of enhanced exception messages in the
>> networking code.
>> A limited number of exceptions are already hidden (restricted) by default.
>> The new categories and
>> exceptions in this PR will be restricted on an opt-in basis, ie. the default
>> mode will be enhanced
>> (while preserving the existing behavior).
>>
>> The mechanism is controlled by the security/system property
>> "jdk.includeInExceptions" which takes as value
>> a comma separated list of category names, which identify groups of
>> exceptions where the exception
>> message may be enhanced. Any category not listed is "restricted" which means
>> that potentially
>> sensitive information (such as hostnames, IP addresses, user identities) are
>> excluded from the message text.
>>
>> The changes to the java.security conf file describe the exact changes in
>> terms of the categories now
>> supported and any changes in behavior.
>>
>> Thanks,
>> Michael
>
> Michael McMahon has updated the pull request incrementally with one
> additional commit since the last revision:
>
> Fixed problem with j.n.HostPortRange
src/java.base/share/classes/sun/net/www/protocol/jmod/Handler.java line 50:
> 48: if (index == -1)
> 49: throw new MalformedURLException(
> 50: formatMsg("no !/ found in url spec%s",
> filterJarName(s).prefixWith(": ")));
JMOD files can only be used at compile time and link time. So I think you can
drop the changes jmod stream handler.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/23929#discussion_r2115650070
