RFR: 8300872: WebView's ColorChooser fails to initialize when running in security context [v2]
Kevin Rushforth
kcr at openjdk.org
Fri Mar 3 16:35:01 UTC 2023
On Thu, 2 Mar 2023 14:30:12 GMT, Jose Pereda <jpereda at openjdk.org> wrote:
>> This PR removes an unnecessary check that was added as part of [JDK-8267551](https://bugs.openjdk.org/browse/JDK-8267551).
>>
>> As commented in the [issue](https://bugs.openjdk.org/browse/JDK-8300872), there were no failing/passing tests before/after these lines were added, and there are no actual tests that get into the case.
>>
>> The mentioned check caused, as a side effect, the JDK-8300872 issue, as running under a (deprecated) security manager fails with:
>>
>> java.security.AccessControlException: access denied ("java.io.FilePermission" "jrt:/javafx.controls/com/sun/javafx/scene/control/skin/modena/pattern-transparent.png" "read")
>> ...
>> at javafx.graphics/javafx.scene.image.Image.validateUrl(Image.java:1127)
>> ...
>>
>> when `File::exists` is evaluated over an image bundled in a jar.
>
> Jose Pereda has updated the pull request incrementally with one additional commit since the last revision:
>
> Add system test
Looks good. I left two minor suggestions for changes to the comments in the new policy file.
tests/system/src/test/resources/test/sandbox/empty.policy line 2:
> 1: // Policy file for sandbox tests
> 2: // Use as follows: -Djava.security.policy=test.policy
Minor: should be `empty.policy`
tests/system/src/test/resources/test/sandbox/empty.policy line 4:
> 2: // Use as follows: -Djava.security.policy=test.policy
> 3:
> 4: // No permissions to read resource files are granted
Minor: maybe also say that all FX permissions are granted?
-------------
Marked as reviewed by kcr (Lead).
PR: https://git.openjdk.org/jfx/pull/1042
More information about the openjfx-dev
mailing list