761 path += "-";
762 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
763 }
764 } else if ((p == null) && (url.getProtocol().equals("file"))) {
765 String path = url.getFile().replace('/', File.separatorChar);
766 path = ParseUtil.decode(path);
767 if (path.endsWith(File.separator))
768 path += "-";
769 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
770 } else {
771 /**
772 * Not loading from a 'file:' URL so we want to give the class
773 * permission to connect to and accept from the remote host
774 * after we've made sure the host is the correct one and is valid.
775 */
776 URL locUrl = url;
777 if (urlConnection instanceof JarURLConnection) {
778 locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
779 }
780 String host = locUrl.getHost();
781 if (host != null && (host.length() > 0))
782 p = new SocketPermission(host,
783 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
784 }
785
786 // make sure the person that created this class loader
787 // would have this permission
788
789 if (p != null) {
790 final SecurityManager sm = System.getSecurityManager();
791 if (sm != null) {
792 final Permission fp = p;
793 AccessController.doPrivileged(new PrivilegedAction<>() {
794 public Void run() throws SecurityException {
795 sm.checkPermission(fp);
796 return null;
797 }
798 }, acc);
799 }
800 perms.add(p);
801 }
|
761 path += "-";
762 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
763 }
764 } else if ((p == null) && (url.getProtocol().equals("file"))) {
765 String path = url.getFile().replace('/', File.separatorChar);
766 path = ParseUtil.decode(path);
767 if (path.endsWith(File.separator))
768 path += "-";
769 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
770 } else {
771 /**
772 * Not loading from a 'file:' URL so we want to give the class
773 * permission to connect to and accept from the remote host
774 * after we've made sure the host is the correct one and is valid.
775 */
776 URL locUrl = url;
777 if (urlConnection instanceof JarURLConnection) {
778 locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
779 }
780 String host = locUrl.getHost();
781 if (host != null && !host.isEmpty())
782 p = new SocketPermission(host,
783 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
784 }
785
786 // make sure the person that created this class loader
787 // would have this permission
788
789 if (p != null) {
790 final SecurityManager sm = System.getSecurityManager();
791 if (sm != null) {
792 final Permission fp = p;
793 AccessController.doPrivileged(new PrivilegedAction<>() {
794 public Void run() throws SecurityException {
795 sm.checkPermission(fp);
796 return null;
797 }
798 }, acc);
799 }
800 perms.add(p);
801 }
|