>>> If this private data can be loaded to the UIDefaults or to other class then >>> it will be read anyway. Are the Swing/AWT properties files content really >>> secret? >> My point is that there are no secrets, but the bug description states that >> such bundles can be added some day later. > But what secret can be here?
I think Mandy can clarify that. >>>>> Why specification of the addResourceBundle() doesn't reflect this >>>>> limitation? It is obvious that the fix bears impact in compatibility. >>>> The current spec will allow us to revert back the fix, if the impact on >>>> the applications will be hight, but for now it is not expected. >>> This is not a correct approach. If you are really sure that the method >>> should have this restriction to not allow to load any internal resources >>> externally, please present it in the spec. Potential compatibility issues >>> you can address by introducing a new system property. >> There are no compatibility issues which contradicts the specification, >> because all our resource bundles are private(unspecified), they are located >> in the com.XXX packages and all of them can be changed/removed in any time. > The fix blocks resources form all desktop module packages not only from > "com.XXX", doesn't it? It blocks all, because all of bundles which are used in UIDefault are private.