|
26 | 26 | package java.net; |
27 | 27 |
|
28 | 28 | import java.io.Closeable; |
29 | | -import java.io.File; |
30 | | -import java.io.FilePermission; |
31 | 29 | import java.io.IOException; |
32 | 30 | import java.io.InputStream; |
33 | 31 | import java.security.CodeSigner; |
34 | 32 | import java.security.CodeSource; |
35 | | -import java.security.Permission; |
| 33 | +import java.security.Permissions; |
36 | 34 | import java.security.PermissionCollection; |
37 | 35 | import java.security.SecureClassLoader; |
38 | 36 | import java.util.Enumeration; |
|
50 | 48 | import jdk.internal.loader.URLClassPath; |
51 | 49 | import jdk.internal.access.SharedSecrets; |
52 | 50 | import jdk.internal.perf.PerfCounter; |
53 | | -import sun.net.www.ParseUtil; |
54 | | -import sun.security.util.SecurityConstants; |
55 | 51 |
|
56 | 52 | /** |
57 | 53 | * This class loader is used to load classes and resources from a search |
@@ -573,84 +569,15 @@ public boolean hasMoreElements() { |
573 | 569 | } |
574 | 570 |
|
575 | 571 | /** |
576 | | - * Returns the permissions for the given codesource object. |
577 | | - * The implementation of this method first calls super.getPermissions |
578 | | - * and then adds permissions based on the URL of the codesource. |
579 | | - * <p> |
580 | | - * If the protocol of this URL is "jar", then the permission returned |
581 | | - * is based on the permission that is required by the URL of the Jar |
582 | | - * file. |
583 | | - * <p> |
584 | | - * If the protocol is "file" and there is an authority component, then |
585 | | - * permission to connect to and accept connections from that authority |
586 | | - * may be returned. If the protocol is "file" |
587 | | - * and the path specifies a file, then permission to read that |
588 | | - * file is returned. If protocol is "file" and the path is |
589 | | - * a directory, then permission is returned to read all files |
590 | | - * and (recursively) all files and subdirectories contained in |
591 | | - * that directory. |
592 | | - * <p> |
593 | | - * If the protocol is not "file", then permission |
594 | | - * to connect to and accept connections from the URL's host is returned. |
595 | | - * @param codesource the codesource |
596 | | - * @throws NullPointerException if {@code codesource} is {@code null}. |
597 | | - * @return the permissions for the codesource |
| 572 | + * {@return an {@linkplain PermissionCollection empty Permission collection}} |
| 573 | + * |
| 574 | + * @param codesource the {@code CodeSource} |
| 575 | + * @throws NullPointerException if {@code codesource} is {@code null}. |
598 | 576 | */ |
599 | | - protected PermissionCollection getPermissions(CodeSource codesource) |
600 | | - { |
601 | | - PermissionCollection perms = super.getPermissions(codesource); |
602 | | - |
603 | | - URL url = codesource.getLocation(); |
604 | | - |
605 | | - Permission p; |
606 | | - URLConnection urlConnection; |
607 | | - |
608 | | - try { |
609 | | - urlConnection = url.openConnection(); |
610 | | - p = urlConnection.getPermission(); |
611 | | - } catch (java.io.IOException ioe) { |
612 | | - p = null; |
613 | | - urlConnection = null; |
614 | | - } |
615 | | - |
616 | | - if (p instanceof FilePermission) { |
617 | | - // if the permission has a separator char on the end, |
618 | | - // it means the codebase is a directory, and we need |
619 | | - // to add an additional permission to read recursively |
620 | | - String path = p.getName(); |
621 | | - if (path.endsWith(File.separator)) { |
622 | | - path += "-"; |
623 | | - p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION); |
624 | | - } |
625 | | - } else if ((p == null) && (url.getProtocol().equals("file"))) { |
626 | | - String path = url.getFile().replace('/', File.separatorChar); |
627 | | - path = ParseUtil.decode(path); |
628 | | - if (path.endsWith(File.separator)) |
629 | | - path += "-"; |
630 | | - p = new FilePermission(path, SecurityConstants.FILE_READ_ACTION); |
631 | | - } else { |
632 | | - /** |
633 | | - * Not loading from a 'file:' URL so we want to give the class |
634 | | - * permission to connect to and accept from the remote host |
635 | | - * after we've made sure the host is the correct one and is valid. |
636 | | - */ |
637 | | - URL locUrl = url; |
638 | | - if (urlConnection instanceof JarURLConnection) { |
639 | | - locUrl = ((JarURLConnection)urlConnection).getJarFileURL(); |
640 | | - } |
641 | | - String host = locUrl.getHost(); |
642 | | - if (host != null && !host.isEmpty()) |
643 | | - p = new SocketPermission(host, |
644 | | - SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION); |
645 | | - } |
646 | | - |
647 | | - // make sure the person that created this class loader |
648 | | - // would have this permission |
649 | | - |
650 | | - if (p != null) { |
651 | | - perms.add(p); |
652 | | - } |
653 | | - return perms; |
| 577 | + @Override |
| 578 | + protected PermissionCollection getPermissions(CodeSource codesource) { |
| 579 | + Objects.requireNonNull(codesource); |
| 580 | + return new Permissions(); |
654 | 581 | } |
655 | 582 |
|
656 | 583 | /** |
|
0 commit comments