The SealedObjectFilter and SignedObjectFilter tests are almost the same,
maybe they should be combined? Also, can you add a test to check that a
SecurityException is thrown when an SM is enabled and the
SerializablePermission("serialFilter") has not been granted?
- SignedObject
69 * called, the {@link ObjectInputFilter.Config#getSerialFilter()
70 * system filter} is used instead.
"used instead" sounds like the getSerialFilter method returns the
object. Suggest being more specific and saying something like:
"the {@link ObjectInputFilter.Config#getSerialFilter()
system filter} is called to validate the object before it is returned."
- SealedObject
92 * is called, the {@link ObjectInputFilter.Config#getSerialFilter()
93 * system filter} is used instead.
Same comment as above on the wording.
--Sean
On 8/17/18 10:56 AM, Weijun Wang wrote:
Please take a review at the updated webrev at
http://cr.openjdk.java.net/~weijun/8193859/webrev.01
Changes only in doc, including
1) The "2018-8-15 updates" in the CSR [1]
2) formatting
Thanks
Max
[1] https://bugs.openjdk.java.net/browse/JDK-8193887
On Aug 14, 2018, at 11:19 PM, Roger Riggs <roger.ri...@oracle.com> wrote:
Hi,
On 8/14/2018 10:59 AM, Weijun Wang wrote:
s/initial process-wide filter/system filter/?
yes
Roger
--Max
[1] 8202675 Replace process-wide terminology in serial filtering to be
consistent
Regards, Roger
