RFR: 8264859: Implement Context-Specific Deserialization Filters [v3]
Roger Riggs
rriggs at openjdk.java.net
Fri May 21 16:33:02 UTC 2021
On Thu, 20 May 2021 19:11:34 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:
>> Roger Riggs has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Simplify factory interface to BinaryOperator<ObjectInputFilter> and cleanup the example
>
> src/java.base/share/classes/java/io/ObjectInputFilter.java line 1270:
>
>> 1268: * is not {@code null} and is not the JVM-wide filter
>> 1269: * @throws SecurityException if there is security manager and the
>> 1270: * {@code SerializablePermission("serialFilter")} is not granted
>
> Where is this thrown? I don't see it in the implementation of `apply` below.
The throws clause is not needed, it is thrown in OIS.setObjectInputFilter.
-------------
PR: https://git.openjdk.java.net/jdk/pull/3996
More information about the core-libs-dev
mailing list