Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6672250

Regression: new jnlp.packEnabled property breaks sophisticated applets using LiveConnect

    Details

    • Subcomponent:
    • Introduced In Build:
      b13
    • Introduced In Version:
    • Resolved In Build:
      b14
    • CPU:
      generic, x86
    • OS:
      generic, windows_xp
    • Verification:
      Verified

      Description

      The introduction of client-side Pack200 selection in 6378311 has introduced a regression in sophisticated applets using LiveConnect because of the fact that the new code does not use AccessController.doPrivileged() to read the jnlp.packEnabled system property. If JavaScript calls into Java and causes a resource to be loaded, since the JavaScript frame on the stack does not have the permission to read the jnlp.packEnabled system property, a SecurityException will be raised deep in the deployment code and the application will return null for their call to ClassLoader.getResourceAsStream(). This regression was reproduced with NeuroDNA's product at http://www.neurodna.com/ and may affect other real-world applets. It is related to an earlier bug, 6665053.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                kbr Kenneth Russell (Inactive)
                Reporter:
                kbr Kenneth Russell (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: