SocketPermission's implies() interesting behavior
Charles Lee
littlee at linux.vnet.ibm.com
Wed Mar 9 19:18:05 PST 2011
On 03/10/2011 12:02 AM, Neil Richards wrote:
> On 1 March 2011 09:18, Chris Hegarty<chris.hegarty at oracle.com> wrote:
>> Michael,
>>
>> Can you please take a look at this change, CR 7021280: "SocketPermission
>> trustProxy should accept wildcards".
>>
>> This patch came from Charles (cc'ed), and I agree with the changes. Can you
>> please take a look and give your feedback.
>>
>> http://cr.openjdk.java.net/~chegar/7021280/webrev.00/webrev/
>>
>> -Chris.
> In the suggested fix, I see that the comparison becomes
> 'thatHost.endsWith(this.cname)' if 'this.wildcard' is 'true'.
> Prior to the change, the comparison was (always)
> 'thisHost.equalsIgnoreCase(thatHost)'.
>
> So, on the surface, it looks like a case-insensitive comparison -
> String.equalsIgnoreCase() - has been replaced (when 'this.wildcard' is
> 'true') with a case-sensitive comparison - String.endsWith().
>
> Is there a reason why this change in case sensitivity is not a problem
> in this instance, or does the suggested fix need to be reworked to
> make the new comparison (also) case-insensitive ?
>
> - Neil
>
> --
> Unless stated above:
> IBM email: neil_richards at uk.ibm.com
> IBM United Kingdom Limited - Registered in England and Wales with number 741598.
> Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
Hi Neil,
With a quick search in the SocketPermission using "cname =" as search
word, cname always seems to be lower cases. But hostname does not. It
may need some rework on the patch.
And more, every place where cname compare with another cname should use
normal equalsTo (equalsIgnoreCase is not needed). Every place where
getName and hostname is involved should use case-insensitive comparison.
Any opinion, Neil and Chris?
More information about the net-dev
mailing list