//
// Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.
// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
//
// This code is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License version 2 only, as
// published by the Free Software Foundation.
//
// This code is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
// version 2 for more details (a copy is included in the LICENSE file that
// accompanied this code).
//
// You should have received a copy of the GNU General Public License version
// 2 along with this work; if not, write to the Free Software Foundation,
// Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
//
// Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
// or visit www.oracle.com if you need additional information or have any
// questions.
//

grant codeBase "jrt:/jdk.incubator.httpclient" {
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";

    // ## why is SP not good enough. Check API @throws signatures and impl
    permission java.net.SocketPermission "*","connect,resolve";
    permission java.net.URLPermission "http:*","*:*";
    permission java.net.URLPermission "https:*","*:*";
    permission java.net.URLPermission "ws:*","*:*";
    permission java.net.URLPermission "wss:*","*:*";
    permission java.net.URLPermission "socket:*","CONNECT";  // proxy

    // For request/response body processors, fromFile, asFile
    permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";

    // ## look at the different property names!
    permission java.util.PropertyPermission "jdk.httpclient.HttpClient.log","read";  // name!
    permission java.util.PropertyPermission "jdk.httpclient.auth.retrylimit","read";
    permission java.util.PropertyPermission "jdk.httpclient.connectionWindowSize","read";
    permission java.util.PropertyPermission "jdk.httpclient.enablepush","read";
    permission java.util.PropertyPermission "jdk.httpclient.hpack.maxheadertablesize","read";
    permission java.util.PropertyPermission "jdk.httpclient.keepalive.timeout","read";
    permission java.util.PropertyPermission "jdk.httpclient.maxframesize","read";
    permission java.util.PropertyPermission "jdk.httpclient.maxstreams","read";
    permission java.util.PropertyPermission "jdk.httpclient.redirects.retrylimit","read";
    permission java.util.PropertyPermission "jdk.httpclient.windowsize","read";
    permission java.util.PropertyPermission "jdk.httpclient.bufsize","read";
    permission java.util.PropertyPermission "jdk.httpclient.internal.selector.timeout","read";
    permission java.util.PropertyPermission "jdk.internal.httpclient.debug","read";
    permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.debug","read";
    permission java.util.PropertyPermission "jdk.internal.httpclient.hpack.log.level","read";
    permission java.util.PropertyPermission "test.src","read";

    permission java.net.NetPermission "getProxySelector";

    permission java.security.SecurityPermission "createAccessControlContext";
};

// bootstrap to get the test going, it will do its own restrictions
grant codeBase "file:${test.classes}/*" {
    permission java.security.AllPermission;
};