--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/java/net/httpclient/security/filePerms/httpclient.policy Sun Nov 05 17:32:13 2017 +0000
@@ -0,0 +1,46 @@
+grant codeBase "jrt:/jdk.incubator.httpclient" {
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
+ permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
+ permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
+
+ // ## why is SP not good enough. Check API @throws signatures and impl
+ permission java.net.SocketPermission "*","connect,resolve";
+ permission java.net.URLPermission "http:*","*:*";
+ permission java.net.URLPermission "https:*","*:*";
+ permission java.net.URLPermission "ws:*","*:*";
+ permission java.net.URLPermission "wss:*","*:*";
+ permission java.net.URLPermission "socket:*","CONNECT"; // proxy
+
+ // For request/response body processors, fromFile, asFile
+ permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
+
+ // ## look at the different property names!
+ permission java.util.PropertyPermission "jdk.httpclient.HttpClient.log","read"; // name!
+ permission java.util.PropertyPermission "jdk.httpclient.auth.retrylimit","read";
+ permission java.util.PropertyPermission "jdk.httpclient.connectionWindowSize","read";
+ permission java.util.PropertyPermission "jdk.httpclient.enablepush","read";
+ permission java.util.PropertyPermission "jdk.httpclient.hpack.maxheadertablesize","read";
+ permission java.util.PropertyPermission "jdk.httpclient.keepalive.timeout","read";
+ permission java.util.PropertyPermission "jdk.httpclient.maxframesize","read";
+ permission java.util.PropertyPermission "jdk.httpclient.maxstreams","read";
+ permission java.util.PropertyPermission "jdk.httpclient.redirects.retrylimit","read";
+ permission java.util.PropertyPermission "jdk.httpclient.windowsize","read";
+ permission java.util.PropertyPermission "jdk.httpclient.bufsize","read";
+ permission java.util.PropertyPermission "jdk.httpclient.internal.selector.timeout","read";
+ permission java.util.PropertyPermission "jdk.internal.httpclient.debug","read";
+ permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.debug","read";
+ permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.log.level","read";
+
+ // ## these permissions do not appear in the NetPermission spec!!! JDK bug?
+ permission java.net.NetPermission "getSSLContext";
+ permission java.net.NetPermission "setSSLContext";
+
+ permission java.security.SecurityPermission "createAccessControlContext";
+};
+
+// bootstrap to get the test going, it will do its own restrictions
+grant codeBase "file:${test.classes}/*" {
+ permission java.security.AllPermission;
+};
+