<AWT Dev> [10] Review request for 8154405: AccessControlException by URLPermission check

Dmitry Markov dmitry.markov at oracle.com
Fri Nov 17 14:38:39 UTC 2017


Could you review a fix for jdk10, please?

 bug: https://bugs.openjdk.java.net/browse/JDK-8154405
 webrev: http://cr.openjdk.java.net/~dmarkov/8154405/webrev.00/

Problem description:
The current implementation of Toolkit.getImage(URL url) and Toolkit.createImage(URL url) uses URLPermission to perform security checks. However the documentation says that security manager’s method checkPermission() is called with url.openConnection().getPermission() permission and url.openConnection().getPermission() returns SocketPermission. So there is an inconsistency between the documentation and the implementation.

It is necessary to update the description of the methods to get rid of confusing statements.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/awt-dev/attachments/20171117/dad2f33f/attachment.html>

More information about the awt-dev mailing list