<AWT Dev> [10] Review request for 8154405: AccessControlException by URLPermission check

Dmitry Markov dmitry.markov at oracle.com
Fri Dec 8 11:19:16 UTC 2017 

Reminder. Could you take look, please?

Also I would like to clarify the purpose of the fallback mechanism introduced by the new version. The fallback code addresses the issue that users have not knowing what permission to grant because some connections, (e.g. HTTP) may be established by granting either URLPermission or SocketPermission and it is unclear what permission type is used for check by getImage() or createImage(). In fact this code fixes backward compatibility issue caused by switching from SocketPermission to URLPermission. 

Thanks,
Dmitry

> On 1 Dec 2017, at 18:07, Dmitry Markov <dmitry.markov at oracle.com> wrote:
> 
> During the CSR review it was decided to update proposed fix. The new version is located at http://cr.openjdk.java.net/~dmarkov/8154405/webrev.01/ <http://cr.openjdk.java.net/~dmarkov/8154405/webrev.01/>
> Could you review the new version, please?
> 
> The list of changes:
> - Updated the description of Toolkit.getImage(URL u) and Toolkit.createImage(URL u) (made the wording less specific)
> - Added some backward compatibility support to SunToolkit.checkPermission() and to the constructor of URLImageSource. Now if security check of URLPermission is failed we will check the corresponding SocketPermission.
> - Added regression test.
> 
> Thanks,
> Dmitry 
> 
>> On 18 Nov 2017, at 15:30, Dmitry Markov <dmitry.markov at oracle.com <mailto:dmitry.markov at oracle.com>> wrote:
>> 
>> I have created the following one https://bugs.openjdk.java.net/browse/JDK-8191531 <https://bugs.openjdk.java.net/browse/JDK-8191531>
>> 
>> Thanks,
>> Dmitry
>>> On 17 Nov 2017, at 22:10, Sergey Bylokhov <sergey.bylokhov at oracle.com <mailto:sergey.bylokhov at oracle.com>> wrote:
>>> 
>>> On 17/11/2017 12:28, Dmitry Markov wrote:
>>>> Thank you, Sergey! Shall I create a CSR for this?
>>> 
>>> yes we need a CSR.
>>> 
>>> 
>>> 
>>> -- 
>>> Best regards, Sergey.
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/awt-dev/attachments/20171208/97eba1ca/attachment.html>

More information about the awt-dev mailing list