diff --git a/jdk/src/java.base/share/classes/sun/net/util/URLUtil.java b/jdk/src/java.base/share/classes/sun/net/util/URLUtil.java
index 08c1e43ae04..305342b82ff 100644
--- a/jdk/src/java.base/share/classes/sun/net/util/URLUtil.java
+++ b/jdk/src/java.base/share/classes/sun/net/util/URLUtil.java
@@ -25,7 +25,10 @@
 
 package sun.net.util;
 
+import java.io.IOException;
 import java.net.URL;
+import java.net.URLPermission;
+import java.security.Permission;
 
 /**
  * URL Utility class.
@@ -76,5 +79,26 @@ public class URLUtil {
 
         return strForm.toString();
     }
+
+    public static Permission getConnectPermission(URL url) throws IOException {
+        String urlStringLowerCase = url.toString().toLowerCase();
+        if (urlStringLowerCase.startsWith("http:") || urlStringLowerCase.startsWith("https:")) {
+            return getURLConnectPermission(url);
+        } else if (urlStringLowerCase.startsWith("jar:http:") || urlStringLowerCase.startsWith("jar:https:")) {
+            String urlString = url.toString();
+            int bangPos = urlString.indexOf("!/");
+            urlString = urlString.substring(4, bangPos > -1 ? bangPos : urlString.length());
+            URL u = new URL(urlString);
+            return getURLConnectPermission(u);
+            // If protocol is HTTP or HTTPS than use URLPermission object
+        } else {
+            return url.openConnection().getPermission();
+        }
+    }
+
+    private static Permission getURLConnectPermission(URL url) {
+        String urlString = url.getProtocol() + "://" + url.getAuthority() + url.getPath();
+        return new URLPermission(urlString);
+    }
 }
 
diff --git a/jdk/src/java.desktop/share/classes/sun/awt/SunToolkit.java b/jdk/src/java.desktop/share/classes/sun/awt/SunToolkit.java
index 847c0884b6a..abb37e65b70 100644
--- a/jdk/src/java.desktop/share/classes/sun/awt/SunToolkit.java
+++ b/jdk/src/java.desktop/share/classes/sun/awt/SunToolkit.java
@@ -66,6 +66,7 @@ import sun.awt.image.ToolkitImage;
 import sun.awt.image.URLImageSource;
 import sun.font.FontDesignMetrics;
 import sun.misc.SoftCache;
+import sun.net.util.URLUtil;
 import sun.security.action.GetBooleanAction;
 import sun.security.action.GetPropertyAction;
 import sun.util.logging.PlatformLogger;
@@ -875,7 +876,7 @@ public abstract class SunToolkit extends Toolkit
         if (sm != null) {
             try {
                 java.security.Permission perm =
-                    url.openConnection().getPermission();
+                    URLUtil.getConnectPermission(url);
                 if (perm != null) {
                     try {
                         sm.checkPermission(perm);
diff --git a/jdk/src/java.desktop/share/classes/sun/awt/image/URLImageSource.java b/jdk/src/java.desktop/share/classes/sun/awt/image/URLImageSource.java
index dcddeeb01dd..2d4a07cce3d 100644
--- a/jdk/src/java.desktop/share/classes/sun/awt/image/URLImageSource.java
+++ b/jdk/src/java.desktop/share/classes/sun/awt/image/URLImageSource.java
@@ -31,6 +31,7 @@ import java.net.HttpURLConnection;
 import java.net.URL;
 import java.net.URLConnection;
 import java.net.MalformedURLException;
+import sun.net.util.URLUtil;
 
 public class URLImageSource extends InputStreamImageSource {
     URL url;
@@ -43,7 +44,7 @@ public class URLImageSource extends InputStreamImageSource {
         if (sm != null) {
             try {
                 java.security.Permission perm =
-                    u.openConnection().getPermission();
+                      URLUtil.getConnectPermission(u);
                 if (perm != null) {
                     try {
                         sm.checkPermission(perm);