[Bug 2472] ITW: networking same origin policy not in sync with Oracle Java 8

bugzilla-daemon at icedtea.classpath.org bugzilla-daemon at icedtea.classpath.org
Wed Jun 24 15:01:04 UTC 2015


http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2472

--- Comment #1 from Tomas Hoger <thoger at redhat.com> ---
Created attachment 1371
  --> http://icedtea.classpath.org/bugzilla/attachment.cgi?id=1371&action=edit
SOP test case

A simple test applet that can be used to test Socket and URLConnection SOP. 
For testing, I have /etc/hosts entry for host1 and host2 both resolving to the
same IP address.

When applet is instructed to connect to host1:80, the result is:

- Oracle JDK7 and ITW with OpenJDK 7 or 8:

  Socket connection to host1:80 was allowed.

  URLConnection to http://host1:80 was allowed.

- Oracle JDK8:

  Socket connection to host1:80 was denied:
  java.security.AccessControlException: access denied
    ("java.net.SocketPermission" "host1" "resolve")

  URLConnection to http://host1:80 was allowed.

When applet is instructed to connect to host2:80, the result is:

- Oracle JDK7 and ITW with OpenJDK 7 or 8:

  Socket connection to host2:80 was allowed.

  URLConnection to http://host2:80 was allowed.

- Oracle JDK8:

  Socket connection to host2:80 was denied:
  java.security.AccessControlException: access denied
    ("java.net.SocketPermission" "host2" "resolve")

  URLConnection to http://host2:80 was denied:
  java.security.AccessControlException: access denied
    ("java.net.SocketPermission" "host2:80" "connect,resolve")

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20150624/814de09e/attachment.html>


More information about the distro-pkg-dev mailing list