Mercurial > hg > icedtea
changeset 2327:b4d1a0a7ad8f
Add security descriptor mapping for nested jars.
author | Deepak Bhole <dbhole@redhat.com> |
---|---|
date | Wed, 28 Jul 2010 15:42:55 -0400 |
parents | d0941d204617 |
children | 1da6f883f1d3 |
files | ChangeLog netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java |
diffstat | 2 files changed, 30 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/ChangeLog Wed Jul 28 15:42:06 2010 -0400 +++ b/ChangeLog Wed Jul 28 15:42:55 2010 -0400 @@ -1,3 +1,8 @@ +2010-07-28 Deepak Bhole <dbhole@redhat.com> + + * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (activateJars): Add + security descriptor mapping for nested jars. + 2010-07-28 Deepak Bhole <dbhole@redhat.com> * netx/net/sourceforge/jnlp/SecurityDesc.java (getPermissions): Clean up
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Wed Jul 28 15:42:06 2010 -0400 +++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Wed Jul 28 15:42:55 2010 -0400 @@ -626,8 +626,31 @@ } try { - addURL(new URL("file://" + extractedJarLocation)); - } catch (MalformedURLException mfue) { + URL fileURL = new URL("file://" + extractedJarLocation); + addURL(fileURL); + + SecurityDesc jarSecurity = file.getSecurity(); + + if (file instanceof PluginBridge) { + + URL codebase = null; + + if (file.getCodeBase() != null) { + codebase = file.getCodeBase(); + } else { + //Fixme: codebase should be the codebase of the Main Jar not + //the location. Although, it still works in the current state. + codebase = file.getResources().getMainJAR().getLocation(); + } + + jarSecurity = new SecurityDesc(file, + SecurityDesc.ALL_PERMISSIONS, + codebase.getHost()); + } + + jarLocationSecurityMap.put(fileURL, jarSecurity); + + } catch (MalformedURLException mfue) { if (JNLPRuntime.isDebug()) System.err.println("Unable to add extracted nested jar to classpath");