Edit online

Trusted Hosts Plugin Extension

This type of plugin can be used by developers to automatically allow or reject remote connections that Oxygen XML Editor would normally ask the user for confirmation.

The name of the plugin extension is TrustedHosts. For security reasons, Oxygen XML Editor intercepts all connections to remote hosts and displays a dialog box that asks the user for confirmation. By implementing this plugin extension, the application will automatically allow or deny connections from websites you consider and configure as trusted or untrusted.

To develop an integration project, follow this steps:

  • Copy the oxygen.jar file from [OXYGEN_INSTALL_DIR]/lib to the lib folder of your project.
  • Implement the ro.sync.exml.plugin.workspace.security.TrustedHostsProviderExtension extension point.
  • In the plugin descriptor file, define the <extension> element that points to the implementation of your classes:
    <extension type="TrustedHosts" class="my.trusted.hosts.provider.class.qualified.name"/>

Detailed information regarding the accepted or rejected connections from plugins are logged in the Information view.

Example implementation:

      import ro.sync.exml.plugin.workspace.security.Response;
      import ro.sync.exml.plugin.workspace.security.TrustedHostsProviderExtension;

      public class DummyTrustedHostsProviderImpl implements 
                  TrustedHostsProviderExtension {
        public Response isTrusted(String hostName) {
          // Connections from this website will always be 
          // considered safe and always accepted.
          if ("trusted.website:80".equals(hostName)) {
            return TRUSTED;
          } else if("malicious.website:80".equals(hostName)) {
            // Always reject connections from malicious website
            return UNTRUSTED;
          // All other connections are unknown, so a dialog will 
          // appear and ask user's confirmation
          // to allow or deny the connection to this website.
          return UNKNOWN;