RFR: 8344228: Revisit SecurityManager usage in java.net.http after JEP 486 integration

Daniel Fuchs dfuchs at openjdk.org
Fri Nov 15 09:13:11 UTC 2024


On Thu, 14 Nov 2024 21:17:01 GMT, Michael McMahon <michaelm at openjdk.org> wrote:

>> Please find here a patch that cleans up the java.net.http module code to remove permission checks and doPriviliged calls.
>> This was mostly mechanical.
>
> test/jdk/java/net/httpclient/whitebox/java.net.http/jdk/internal/net/http/SimpleSSLContext.java line 45:
> 
>> 43:  * Creates a simple usable SSLContext for SSLSocketFactory
>> 44:  * or a HttpsServer using a default keystore in the test tree.
>> 45:  */
> 
> Can the securityExceptions local variable be removed? And the catch (SecurityException) {} block?

hmmm... probably. if there's not any custom code that might throw it in there, we can remove it. good point.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/22118#discussion_r1843429758


More information about the net-dev mailing list