在 java web start 应用程序中禁用字节码验证 [英] disable bytecode verification in java web start application

问题描述

我有一个 java web start 应用程序，我需要从 jnlp 文件中禁用字节码验证.

I have a java web start application and i need to disable bytecode verification from within the jnlp file.

这可以通过设置 JAVAWS_VM_ARGS="-noverify" 或设置 -Xverify:none 但documentation 这里说 web start 不支持添加这些参数jnlp 文件.

This can be done easily by setting JAVAWS_VM_ARGS="-noverify" or by setting -Xverify:none but the documentation here says that web start does not support adding these arguments in jnlp file.

我试过这个:

<j2se version="1.6+" java-vm-args="-noverify -showversion -verbose" >

在资源标签下，但它跳过了 -noverify 并采用了另外两个.

under resources tag but it skips -noverify and takes the other two.

感谢任何帮助.

推荐答案

...但是这里的文档说 web start 不支持在 jnlp 文件中添加这些参数.

... but the documentation here says that web start does not support adding these arguments in jnlp file.

没错，IMO.如果您可以禁用字节码验证，您就可以破坏 JVM 类型安全，并击败 JNLP 安全沙箱.

And rightly so, IMO. If you can disable bytecode verification, you can break JVM type-safety, and defeat the JNLP security sandbox.

如果您必须禁用字节码验证才能运行您的应用程序，那么它就存在严重问题.我的建议是解决导致字节码验证失败的问题，而不是将其关闭.

If you have to disable bytecode verification to get your application to run, there is something seriously wrong with it. My suggestion is to fix the problem that is causing bytecode verification to fail rather than turning it off.

这篇关于在 java web start 应用程序中禁用字节码验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！