open Udiff src/java.desktop/share/classes/java/awt/Toolkit.java

< prev index next >

src/java.desktop/share/classes/java/awt/Toolkit.java

@@ -656,15 +656,17 @@
      * calling the {@link Image#flush flush} method on the
      * returned {@code Image}.
      * <p>
      * This method first checks if there is a security manager installed.
      * If so, the method calls the security manager's
-     * {@code checkPermission} method with the
-     * url.openConnection().getPermission() permission to ensure
-     * that the access to the image is allowed. For compatibility
-     * with pre-1.2 security managers, if the access is denied with
-     * {@code FilePermission} or {@code SocketPermission},
+     * {@code checkPermission} method with the corresponding
+     * permission to ensure that the access to the image is allowed.
+     * If the connection to the specified URL requires
+     * either {@code URLPermission} or {@code SocketPermission},
+     * then {@code URLPermission} is used for security checks.
+     * For compatibility with pre-1.2 security managers, if the access
+     * is denied with {@code FilePermission} or {@code SocketPermission},
      * the method throws the {@code SecurityException}
      * if the corresponding 1.1-style SecurityManager.checkXXX method
      * also denies permission.
      * @param     url   the URL to use in fetching the pixel data.
      * @return    an image which gets its pixel data from

@@ -700,15 +702,17 @@
      * The returned Image is a new object which will not be shared
      * with any other caller of this method or its getImage variant.
      * <p>
      * This method first checks if there is a security manager installed.
      * If so, the method calls the security manager's
-     * {@code checkPermission} method with the
-     * url.openConnection().getPermission() permission to ensure
-     * that the image creation is allowed. For compatibility
-     * with pre-1.2 security managers, if the access is denied with
-     * {@code FilePermission} or {@code SocketPermission},
+     * {@code checkPermission} method with the corresponding
+     * permission to ensure that the image creation is allowed.
+     * If the connection to the specified URL requires
+     * either {@code URLPermission} or {@code SocketPermission},
+     * then {@code URLPermission} is used for security checks.
+     * For compatibility with pre-1.2 security managers, if the access
+     * is denied with {@code FilePermission} or {@code SocketPermission},
      * the method throws {@code SecurityException}
      * if the corresponding 1.1-style SecurityManager.checkXXX method
      * also denies permission.
      * @param     url   the URL to use in fetching the pixel data.
      * @return    an image which gets its pixel data from

< prev index next >