On Thu, 28 Mar 2024 18:53:34 GMT, Sean Mullan <mul...@openjdk.org> wrote:
>> I thought so first too, but decided that `GetPropertyAction` is a better
>> place for it, because it needs the generic `privilegedGetProperty`. It is
>> also adjacent to `privilegedGetTimeoutProp` that returns `int`. Makes sense?
>
> Right, that's a good point because you need to get the string value of the
> property and not a boolean directly. Ok then.
>
> For a test, what do you think about adding another @run line to
> `GetAndPostTest` like:
>
> `* @run main/othervm -Dcom.sun.security.ocsp.useget=flase GetAndPostTests`
>
> and also modifying the POST code of
> test/jdk/java/security/testlibrary/SimpleOCSPServer.java to check that when
> the request is less than 255 bytes, the system property is set to "false" and
> nothing else? The server runs in the same process as the test, so I think
> that should work.
>
> This would help eliminate the possibility of the property accidentally not
> working in the future and reverting to GET instead of POST.

This looks easy/safe enough to do. See new commits. New version passes the
`GetAndPostTests` and the whole `jdk_security`. For a sensitivity test, I broke
the option parsing and observed that `GetAndPostTests` fails as expected.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/18525#discussion_r1543552012