Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/jdk/java/net/httpclient/security/filePerms/httpclient.policy
branchhttp-client-branch
changeset 55763 634d8e14c172
child 55787 d85e7823dce9 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/net/httpclient/security/filePerms/httpclient.policy	Sun Nov 05 17:32:13 2017 +0000
@@ -0,0 +1,46 @@
+grant codeBase "jrt:/jdk.incubator.httpclient" {
+    permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
+    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
+    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
+    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
+
+    // ## why is SP not good enough. Check API @throws signatures and impl
+    permission java.net.SocketPermission "*","connect,resolve";
+    permission java.net.URLPermission "http:*","*:*";
+    permission java.net.URLPermission "https:*","*:*";
+    permission java.net.URLPermission "ws:*","*:*";
+    permission java.net.URLPermission "wss:*","*:*";
+    permission java.net.URLPermission "socket:*","CONNECT";  // proxy
+
+    // For request/response body processors, fromFile, asFile
+    permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
+
+    // ## look at the different property names!
+    permission java.util.PropertyPermission "jdk.httpclient.HttpClient.log","read";  // name!
+    permission java.util.PropertyPermission "jdk.httpclient.auth.retrylimit","read";
+    permission java.util.PropertyPermission "jdk.httpclient.connectionWindowSize","read";
+    permission java.util.PropertyPermission "jdk.httpclient.enablepush","read";
+    permission java.util.PropertyPermission "jdk.httpclient.hpack.maxheadertablesize","read";
+    permission java.util.PropertyPermission "jdk.httpclient.keepalive.timeout","read";
+    permission java.util.PropertyPermission "jdk.httpclient.maxframesize","read";
+    permission java.util.PropertyPermission "jdk.httpclient.maxstreams","read";
+    permission java.util.PropertyPermission "jdk.httpclient.redirects.retrylimit","read";
+    permission java.util.PropertyPermission "jdk.httpclient.windowsize","read";
+    permission java.util.PropertyPermission "jdk.httpclient.bufsize","read";
+    permission java.util.PropertyPermission "jdk.httpclient.internal.selector.timeout","read";
+    permission java.util.PropertyPermission "jdk.internal.httpclient.debug","read";
+    permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.debug","read";
+    permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.log.level","read";
+
+    // ## these permissions do not appear in the NetPermission spec!!! JDK bug?
+    permission java.net.NetPermission "getSSLContext";
+    permission java.net.NetPermission "setSSLContext";
+
+    permission java.security.SecurityPermission "createAccessControlContext";
+};
+
+// bootstrap to get the test going, it will do its own restrictions
+grant codeBase "file:${test.classes}/*" {
+    permission java.security.AllPermission;
+};
+
jdk-sandbox