hg: jdk8/tl/langtools: 8014363: javac test class ToolTester handles classpath incorrectly
Changeset: e39669aea0bd Author:jjg Date: 2013-05-12 18:18 -0700 URL: http://hg.openjdk.java.net/jdk8/tl/langtools/rev/e39669aea0bd 8014363: javac test class ToolTester handles classpath incorrectly Reviewed-by: ksrini ! test/tools/javac/api/6406133/T6406133.java ! test/tools/javac/api/6410643/T6410643.java ! test/tools/javac/api/6411310/T6411310.java ! test/tools/javac/api/6411333/T6411333.java ! test/tools/javac/api/6412656/T6412656.java ! test/tools/javac/api/6415780/T6415780.java ! test/tools/javac/api/6418694/T6418694.java ! test/tools/javac/api/642/T642.java ! test/tools/javac/api/6421756/T6421756.java ! test/tools/javac/api/6422215/T6422215.java ! test/tools/javac/api/6422327/T6422327.java ! test/tools/javac/api/6423003/T6423003.java ! test/tools/javac/api/6431257/T6431257.java ! test/tools/javac/api/6437349/T6437349.java ! test/tools/javac/api/6437999/T6437999.java ! test/tools/javac/api/6440333/T6440333.java ! test/tools/javac/api/6440528/T6440528.java ! test/tools/javac/api/6468404/T6468404.java ! test/tools/javac/api/6731573/T6731573.java ! test/tools/javac/api/6733837/T6733837.java ! test/tools/javac/api/TestJavacTaskScanner.java ! test/tools/javac/api/guide/Test.java ! test/tools/javac/api/lib/ToolTester.java
Re: Code review: 8010464: Evolve java networking same origin policy
Michael,
It might be better to narrow permissions right now with code like below:
private static
AccessControlContext withPermissions(Permission ... perms){
Permissions col = new Permissions();
for (Permission thePerm : perms ) {
col.add(thePerm);
}
final ProtectionDomain pd = new ProtectionDomain(null, col);
return new AccessControlContext( new ProtectionDomain[] { pd });
}
AccessController.doPrivileged(
new PrivilegedExceptionAction() {
public Void run() throws IOException {
plainConnect0();
return null;
}, withPermissions(p)
);
-Dmitry
On 2013-05-10 15:34, Michael McMahon wrote:
> Hi,
>
> This is the webrev for the HttpURLPermission addition.
> As well as the new permission class, the change
> includes the use of the permission in java.net.HttpURLConnection.
>
> The code basically checks for a HttpURLPermission in plainConnect(),
> getInputStream() and getOutputStream() for the request and if
> the caller has permission the request is executed in a doPrivileged()
> block. When the limited doPrivileged feature is integrated, I will
> change the doPrivileged() call to limit the privilege elevation to a single
> SocketPermission (as shown in the code comments).
>
> The webrev is at http://cr.openjdk.java.net/~michaelm/8010464/webrev.1/
>
> Thanks
> Michael
--
Dmitry Samersoff
Oracle Java development team, Saint Petersburg, Russia
* I would love to change the world, but they won't give me the source code.
hg: jdk8/tl/jdk: 7021870: GzipInputStream closes underlying stream during reading
Changeset: 90f715cceaae Author:dmeetry Date: 2013-05-10 23:56 +0400 URL: http://hg.openjdk.java.net/jdk8/tl/jdk/rev/90f715cceaae 7021870: GzipInputStream closes underlying stream during reading Reviewed-by: mduigou Contributed-by: ivan.gerasi...@oracle.com ! src/share/classes/java/util/zip/GZIPInputStream.java + test/java/util/zip/GZIP/GZIPInZip.java
Re: Code review: 8010464: Evolve java networking same origin policy
On 10/05/2013 12:34, Michael McMahon wrote: Hi, This is the webrev for the HttpURLPermission addition. As well as the new permission class, the change includes the use of the permission in java.net.HttpURLConnection. The code basically checks for a HttpURLPermission in plainConnect(), getInputStream() and getOutputStream() for the request and if the caller has permission the request is executed in a doPrivileged() block. When the limited doPrivileged feature is integrated, I will change the doPrivileged() call to limit the privilege elevation to a single SocketPermission (as shown in the code comments). The webrev is at http://cr.openjdk.java.net/~michaelm/8010464/webrev.1/ A partial review, focusing mostly on the spec as we've been through a few rounds on that part already. Overall I think the javadoc looks quite good. I realize someone suggested using lowercase "url" in the javadoc but as the usage is as an acronym then it might be clearer if it were in uppercase, maybe "URL string" to avoid any confusion with java.net.URL. I assume you'll add a copyright header to HttpURLPermission before pushing this. A minor comment on the javadoc tags is that you probably should use @throws instead of @exception. At a high-level it would be nice if the fields were final but I guess the parsing of actions and being serialized complicates this. setURI - this parses the URI rather than "sets" it so maybe it should be renamed. If you use URI.create then it would avoid needing to catch the URISyntaxException. normalizeMethods/normalizeHeaders- I assume these could use an ArrayList. HttpURLConnection - "if a security manager is installed", should this be "set"? MessageHeader - some of the methods are synchronized, some are not. I can't quite tell if getHeaderNames needs to be synchronized. Also is there any reason why this can't use Arrays.asList? HttpURLConnection.setRequestMethod - "connection being open" -> "connect in progress"? That's all I have for now but I think there is further review work required on HttpURLConnection as some of that is tricky. -Alan.
