Mercurial Mercurial > jdk-sandbox / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
test/jdk/java/net/httpclient/security/8.policy
author dfuchs
Thu, 16 Nov 2017 19:56:44 +0000
branchhttp-client-branch
changeset 55821 fa0fc03c0853
parent 47216 71c04702a3d5
child 55856 038e64c3d92a
permissions -rw-r--r--
http-client-branch: HttpClient uses ProxySelector.getDefault() by default

// Policy 8
grant {
    // permissions common to all tests
    permission java.util.PropertyPermission "*", "read";
    permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete";
    permission java.net.NetPermission "getDefaultHttpClient";
    permission java.lang.RuntimePermission "modifyThread";
    permission java.util.logging.LoggingPermission "control", "";
    permission java.net.SocketPermission "localhost:1024-", "accept,listen";
    permission java.io.FilePermission "${test.src}${/}docs${/}-", "read";
    permission java.lang.RuntimePermission "createClassLoader";


    // permissions specific to this test
    permission java.net.URLPermission "http://127.0.0.1:*/files/foo.txt", "GET:X-Foo1,X-Foo,X-Bar";
};

// For proxy only. Not being tested
grant codebase "file:${test.classes}/proxydir/-" {
    permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect";
    permission java.net.SocketPermission "127.0.0.1:1024-", "connect,resolve";
};

grant codeBase "jrt:/jdk.incubator.httpclient" {
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
    permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
    permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";

    // ## why is SP not good enough. Check API @throws signatures and impl
    permission java.net.SocketPermission "*","connect,resolve";
    permission java.net.URLPermission "http:*","*:*";
    permission java.net.URLPermission "https:*","*:*";
    permission java.net.URLPermission "ws:*","*:*";
    permission java.net.URLPermission "wss:*","*:*";
    permission java.net.URLPermission "socket:*","CONNECT";  // proxy

    // For request/response body processors, fromFile, asFile
    permission java.io.FilePermission "<<ALL FILES>>","read,write";  // delete???

    permission java.util.PropertyPermission "jdk.httpclient.*","read";

    // ## these permissions do not appear in the NetPermission spec!!! JDK bug?
    permission java.net.NetPermission "getSSLContext";
    permission java.net.NetPermission "setSSLContext";
    permission java.net.NetPermission "getProxySelector";
};
jdk-sandbox