37811b7460
Co-authored-by: Daniel Fuchs <daniel.fuchs@oracle.com> Co-authored-by: Michael McMahon <michael.x.mcmahon@oracle.com> Co-authored-by: Pavel Rappo <pavel.rappo@oracle.com> Reviewed-by: chegar, dfuchs, michaelm
69 lines
3.1 KiB
Plaintext
69 lines
3.1 KiB
Plaintext
//
|
|
// Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
|
|
// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
//
|
|
// This code is free software; you can redistribute it and/or modify it
|
|
// under the terms of the GNU General Public License version 2 only, as
|
|
// published by the Free Software Foundation.
|
|
//
|
|
// This code is distributed in the hope that it will be useful, but WITHOUT
|
|
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
|
|
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
|
|
// version 2 for more details (a copy is included in the LICENSE file that
|
|
// accompanied this code).
|
|
//
|
|
// You should have received a copy of the GNU General Public License version
|
|
// 2 along with this work; if not, write to the Free Software Foundation,
|
|
// Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
//
|
|
// Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
|
|
// or visit www.oracle.com if you need additional information or have any
|
|
// questions.
|
|
//
|
|
|
|
// Policy 11
|
|
grant {
|
|
// permissions common to all tests
|
|
permission java.util.PropertyPermission "*", "read";
|
|
permission java.io.FilePermission "${test.classes}${/}-", "read,write,delete";
|
|
permission java.lang.RuntimePermission "modifyThread";
|
|
permission java.util.logging.LoggingPermission "control", "";
|
|
permission java.net.SocketPermission "localhost:1024-", "accept,listen";
|
|
permission java.io.FilePermission "${test.src}${/}docs${/}-", "read";
|
|
permission java.lang.RuntimePermission "createClassLoader";
|
|
|
|
// permissions specific to this test
|
|
permission java.net.URLPermission "http://127.0.0.1:${port.number}/files/foo.txt", "GET:*";
|
|
permission java.net.URLPermission "socket://127.0.0.1:${port.number1}", "CONNECT";
|
|
};
|
|
|
|
|
|
// For proxy only. Not being tested
|
|
grant codebase "file:${test.classes}/proxydir/-" {
|
|
permission java.net.SocketPermission "localhost:1024-", "accept,listen,connect";
|
|
permission java.net.SocketPermission "127.0.0.1:1024-", "connect,resolve";
|
|
};
|
|
|
|
grant codeBase "jrt:/jdk.incubator.httpclient" {
|
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.net";
|
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util";
|
|
permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www";
|
|
permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc";
|
|
|
|
// ## why is SP not good enough. Check API @throws signatures and impl
|
|
permission java.net.SocketPermission "*","connect,resolve";
|
|
permission java.net.URLPermission "http:*","*:*";
|
|
permission java.net.URLPermission "https:*","*:*";
|
|
permission java.net.URLPermission "ws:*","*:*";
|
|
permission java.net.URLPermission "wss:*","*:*";
|
|
permission java.net.URLPermission "socket:*","CONNECT"; // proxy
|
|
|
|
// For request/response body processors, fromFile, asFile
|
|
permission java.io.FilePermission "<<ALL FILES>>","read,write"; // delete???
|
|
|
|
permission java.util.PropertyPermission "jdk.httpclient.*","read";
|
|
|
|
permission java.net.NetPermission "getProxySelector";
|
|
};
|
|
|