<AWT Dev> [10] Review request for 8154405: AccessControlException by URLPermission check
Dmitry Markov
dmitry.markov at oracle.com
Fri Nov 17 14:38:39 UTC 2017
Hello,
Could you review a fix for jdk10, please?
bug: https://bugs.openjdk.java.net/browse/JDK-8154405
webrev: http://cr.openjdk.java.net/~dmarkov/8154405/webrev.00/
Problem description:
The current implementation of Toolkit.getImage(URL url) and Toolkit.createImage(URL url) uses URLPermission to perform security checks. However the documentation says that security manager’s method checkPermission() is called with url.openConnection().getPermission() permission and url.openConnection().getPermission() returns SocketPermission. So there is an inconsistency between the documentation and the implementation.
Fix:
It is necessary to update the description of the methods to get rid of confusing statements.
Thanks,
Dmitry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/awt-dev/attachments/20171117/dad2f33f/attachment.html>
More information about the awt-dev
mailing list