From 108cfd6c194ec23891278a17b123ce633399adc2 Mon Sep 17 00:00:00 2001 From: Dmitry Markov Date: Fri, 15 Dec 2017 21:49:33 +0000 Subject: [PATCH] 8154405: AccessControlException by URLPermission check Reviewed-by: serb, ssadetsky, mullan --- .../share/classes/java/awt/Toolkit.java | 24 +++++++++++-------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/src/java.desktop/share/classes/java/awt/Toolkit.java b/src/java.desktop/share/classes/java/awt/Toolkit.java index 489ee4ff695..7a4372ace66 100644 --- a/src/java.desktop/share/classes/java/awt/Toolkit.java +++ b/src/java.desktop/share/classes/java/awt/Toolkit.java @@ -673,11 +673,13 @@ public abstract class Toolkit { *

* This method first checks if there is a security manager installed. * If so, the method calls the security manager's - * {@code checkPermission} method with the - * url.openConnection().getPermission() permission to ensure - * that the access to the image is allowed. For compatibility - * with pre-1.2 security managers, if the access is denied with - * {@code FilePermission} or {@code SocketPermission}, + * {@code checkPermission} method with the corresponding + * permission to ensure that the access to the image is allowed. + * If the connection to the specified URL requires + * either {@code URLPermission} or {@code SocketPermission}, + * then {@code URLPermission} is used for security checks. + * For compatibility with pre-1.2 security managers, if the access + * is denied with {@code FilePermission} or {@code SocketPermission}, * the method throws the {@code SecurityException} * if the corresponding 1.1-style SecurityManager.checkXXX method * also denies permission. @@ -717,11 +719,13 @@ public abstract class Toolkit { *

* This method first checks if there is a security manager installed. * If so, the method calls the security manager's - * {@code checkPermission} method with the - * url.openConnection().getPermission() permission to ensure - * that the image creation is allowed. For compatibility - * with pre-1.2 security managers, if the access is denied with - * {@code FilePermission} or {@code SocketPermission}, + * {@code checkPermission} method with the corresponding + * permission to ensure that the image creation is allowed. + * If the connection to the specified URL requires + * either {@code URLPermission} or {@code SocketPermission}, + * then {@code URLPermission} is used for security checks. + * For compatibility with pre-1.2 security managers, if the access + * is denied with {@code FilePermission} or {@code SocketPermission}, * the method throws {@code SecurityException} * if the corresponding 1.1-style SecurityManager.checkXXX method * also denies permission.