Closed Bug 291992 Opened 20 years ago Closed 20 years ago

Downloading of *.jnlp file does not automatically open it

Categories

(Camino Graveyard :: Downloading, defect)

Product:
Camino Graveyard
Component:
Downloading
Platform:
PowerPC
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: edsbugs, Assigned: mikepinkerton)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.7) Gecko/20050419 Camino/0.8.3+ Build Identifier: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.7) Gecko/20050419 Camino/0.8.3+ When I hit on a link which is supposed to start a program using Java Web Start. the .jnlp is added to the download window and saved to the desktop but does not open the application. Hitting the link to open the appplication again cause a subsequent file to be downloaded to the dekstop. Firefox starts the application automatically. Reproducible: Always Expected Results: The application should have been started automatically and no file downloaded at all. Would not have even expected a file to show in the download window.
i think we only auto-open a fixed list. maybe that's not true.
Summary: Downloading of *.jnlp file does automatically open it → Downloading of *.jnlp file does not automatically open it
IMHO, from a security point of view, Camino is doing the right thing by not opening downloaded files willy-nilly, especially those that are applications or application-like. I've yet to run across a file that Camino auto-opens upon download, and IMO that's a very good thing. Also, given that a simple click on the "Open" button in the Download Manager (or a double-click on the file entry in the nightlies if your're running toolbar-less), if the user really wants the file to open, he/she can still do so in a single click without leaving Camino. My recommendation is WONTFIX.
Would it not be better to have a list of ip addresses from which an application is automatically opened. In the example given the file is served from one of our local intranet web servers, so in our case security is not an issue, but not automatically opening the application is an inconvenience to the users. I can understand you comment if the file was coming from an external unknown source, but from a company point of view this is controlled by the firewall configuration. Ed
Was "Open downloaded files" on in preferences?
(In reply to comment #4) > Was "Open downloaded files" on in preferences? Ah, this is WFM once I switch on that setting. Camino does the smart and secure thing and ships with the pref *off* (Apple has yet to learn that lesson!). .sit and .zip are automatically opened; .dmg is not, .sh is not (good). .command is auto-opened, but permissions have been stripped so it doesn't run, only launches the terminal and complains (so-so). I still think things like .jnlp should not be autolaunched at all from a security perspective (unless Camino were to add some sort of non-GUI user-configrable extension and/or ip whitelist to override non-opening of unsafe files).
user "error". invalid.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.