Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8154405: AccessControlException by URLPermission check
authordmarkov
Fri, 15 Dec 2017 21:49:33 +0000
changeset 48372 a099e4d4c35b
parent 48371 291020144f22
child 48373 f9152f462cbc
8154405: AccessControlException by URLPermission check Reviewed-by: serb, ssadetsky, mullan
src/java.desktop/share/classes/java/awt/Toolkit.java file | annotate | diff | comparison | revisions 
--- a/src/java.desktop/share/classes/java/awt/Toolkit.java	Fri Dec 15 10:44:06 2017 -0800
+++ b/src/java.desktop/share/classes/java/awt/Toolkit.java	Fri Dec 15 21:49:33 2017 +0000
@@ -673,11 +673,13 @@
      * <p>
      * This method first checks if there is a security manager installed.
      * If so, the method calls the security manager's
-     * {@code checkPermission} method with the
-     * url.openConnection().getPermission() permission to ensure
-     * that the access to the image is allowed. For compatibility
-     * with pre-1.2 security managers, if the access is denied with
-     * {@code FilePermission} or {@code SocketPermission},
+     * {@code checkPermission} method with the corresponding
+     * permission to ensure that the access to the image is allowed.
+     * If the connection to the specified URL requires
+     * either {@code URLPermission} or {@code SocketPermission},
+     * then {@code URLPermission} is used for security checks.
+     * For compatibility with pre-1.2 security managers, if the access
+     * is denied with {@code FilePermission} or {@code SocketPermission},
      * the method throws the {@code SecurityException}
      * if the corresponding 1.1-style SecurityManager.checkXXX method
      * also denies permission.
@@ -717,11 +719,13 @@
      * <p>
      * This method first checks if there is a security manager installed.
      * If so, the method calls the security manager's
-     * {@code checkPermission} method with the
-     * url.openConnection().getPermission() permission to ensure
-     * that the image creation is allowed. For compatibility
-     * with pre-1.2 security managers, if the access is denied with
-     * {@code FilePermission} or {@code SocketPermission},
+     * {@code checkPermission} method with the corresponding
+     * permission to ensure that the image creation is allowed.
+     * If the connection to the specified URL requires
+     * either {@code URLPermission} or {@code SocketPermission},
+     * then {@code URLPermission} is used for security checks.
+     * For compatibility with pre-1.2 security managers, if the access
+     * is denied with {@code FilePermission} or {@code SocketPermission},
      * the method throws {@code SecurityException}
      * if the corresponding 1.1-style SecurityManager.checkXXX method
      * also denies permission.
jdk-sandbox