RFR: 8277457: AccessControlException: access denied ("java.net.NetPermission" "getCookieHandler")
Jose Pereda
jpereda at openjdk.java.net
Wed Nov 24 23:54:05 UTC 2021
On Wed, 24 Nov 2021 23:05:05 GMT, Kevin Rushforth <kcr at openjdk.org> wrote:
> As indicated in the bug report, WebView needs to call to `CookieManager::getDefault` within a `doPrivileged` block so that it will work when a security manager is enabled. There are two calls in `com.sun.webkit.network.CookieJar` that are not wrapped in a `doPrivileged`.
>
> I added a manual test (since it requires loading a page over http/https which we can't do in our automated tests) based on the test program that was attached to JBS.
Test works fine. Minor comments only.
modules/javafx.web/src/main/java/com/sun/webkit/network/CookieJar.java line 47:
> 45: @SuppressWarnings("removal")
> 46: CookieHandler handler =
> 47: AccessController.doPrivileged((PrivilegedAction<CookieHandler>) () -> CookieHandler.getDefault());
Not sure if there is a policy for this, but you could replace the lambda with the method reference?
modules/javafx.web/src/main/java/com/sun/webkit/network/CookieJar.java line 71:
> 69: @SuppressWarnings("removal")
> 70: CookieHandler handler =
> 71: AccessController.doPrivileged((PrivilegedAction<CookieHandler>) () -> CookieHandler.getDefault());
Same here
-------------
Marked as reviewed by jpereda (Committer).
PR: https://git.openjdk.java.net/jfx/pull/681
More information about the openjfx-dev
mailing list