726 path += "-";
727 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
728 }
729 } else if ((p == null) && (url.getProtocol().equals("file"))) {
730 String path = url.getFile().replace('/', File.separatorChar);
731 path = ParseUtil.decode(path);
732 if (path.endsWith(File.separator))
733 path += "-";
734 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
735 } else {
736 /**
737 * Not loading from a 'file:' URL so we want to give the class
738 * permission to connect to and accept from the remote host
739 * after we've made sure the host is the correct one and is valid.
740 */
741 URL locUrl = url;
742 if (urlConnection instanceof JarURLConnection) {
743 locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
744 }
745 String host = locUrl.getHost();
746 if (host != null && (host.length() > 0))
747 p = new SocketPermission(host,
748 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
749 }
750
751 // make sure the person that created this class loader
752 // would have this permission
753
754 if (p != null) {
755 final SecurityManager sm = System.getSecurityManager();
756 if (sm != null) {
757 final Permission fp = p;
758 AccessController.doPrivileged(new PrivilegedAction<>() {
759 public Void run() throws SecurityException {
760 sm.checkPermission(fp);
761 return null;
762 }
763 }, acc);
764 }
765 perms.add(p);
766 }
|
726 path += "-";
727 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
728 }
729 } else if ((p == null) && (url.getProtocol().equals("file"))) {
730 String path = url.getFile().replace('/', File.separatorChar);
731 path = ParseUtil.decode(path);
732 if (path.endsWith(File.separator))
733 path += "-";
734 p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION);
735 } else {
736 /**
737 * Not loading from a 'file:' URL so we want to give the class
738 * permission to connect to and accept from the remote host
739 * after we've made sure the host is the correct one and is valid.
740 */
741 URL locUrl = url;
742 if (urlConnection instanceof JarURLConnection) {
743 locUrl = ((JarURLConnection)urlConnection).getJarFileURL();
744 }
745 String host = locUrl.getHost();
746 if (host != null && !host.isEmpty())
747 p = new SocketPermission(host,
748 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION);
749 }
750
751 // make sure the person that created this class loader
752 // would have this permission
753
754 if (p != null) {
755 final SecurityManager sm = System.getSecurityManager();
756 if (sm != null) {
757 final Permission fp = p;
758 AccessController.doPrivileged(new PrivilegedAction<>() {
759 public Void run() throws SecurityException {
760 sm.checkPermission(fp);
761 return null;
762 }
763 }, acc);
764 }
765 perms.add(p);
766 }
|