<AWT Dev> [10] Review request for 8154405: AccessControlException by URLPermission check

Dmitry Markov dmitry.markov at oracle.com
Fri Nov 17 20:28:42 UTC 2017

Thank you, Sergey! Shall I create a CSR for this?

> On 17 Nov 2017, at 19:34, Sergey Bylokhov <sergey.bylokhov at oracle.com> wrote:
> Looks fine.
> On 17/11/2017 06:38, Dmitry Markov wrote:
>> Hello,
>> Could you review a fix for jdk10, please?
>>  bug: https://bugs.openjdk.java.net/browse/JDK-8154405
>>  webrev: http://cr.openjdk.java.net/~dmarkov/8154405/webrev.00/
>> Problem description:
>> The current implementation of Toolkit.getImage(URL url) and Toolkit.createImage(URL url) uses URLPermission to perform security checks. However the documentation says that security manager’s method checkPermission() is called with url.openConnection().getPermission() permission and url.openConnection().getPermission() returns SocketPermission. So there is an inconsistency between the documentation and the implementation.
>> Fix:
>> It is necessary to update the description of the methods to get rid of confusing statements.
>> Thanks,
>> Dmitry
> -- 
> Best regards, Sergey.

More information about the awt-dev mailing list