Beispiel #1
0
  /*
   * Creates a thread to run the applet. This method is called
   * each time an applet is loaded and reloaded.
   */
  synchronized void createAppletThread() {
    // Create a thread group for the applet, and start a new
    // thread to load the applet.
    String nm = "applet-" + getCode();
    loader = getClassLoader(getCodeBase(), getClassLoaderCacheKey());
    loader.grab(); // Keep this puppy around!

    // 4668479: Option to turn off codebase lookup in AppletClassLoader
    // during resource requests. [stanley.ho]
    String param = getParameter("codebase_lookup");

    if (param != null && param.equals("false")) loader.setCodebaseLookup(false);
    else loader.setCodebaseLookup(true);

    ThreadGroup appletGroup = loader.getThreadGroup();
    handler = new Thread(appletGroup, this, "thread " + nm, 0, false);
    // set the context class loader for this thread
    AccessController.doPrivileged(
        new PrivilegedAction<Object>() {
          @Override
          public Object run() {
            handler.setContextClassLoader(loader);
            return null;
          }
        });
    handler.start();
  }
Beispiel #2
0
 /**
  * Gets most recent focus owner component associated with the given window. It does that without
  * calling Window.getMostRecentFocusOwner since it provides its own logic contradicting with
  * setDefautlFocus. Instead, it calls KeyboardFocusManager directly.
  */
 private Component getMostRecentFocusOwnerForWindow(Window w) {
   Method meth =
       AccessController.doPrivileged(
           new PrivilegedAction<Method>() {
             @Override
             public Method run() {
               Method meth = null;
               try {
                 meth =
                     KeyboardFocusManager.class.getDeclaredMethod(
                         "getMostRecentFocusOwner", new Class<?>[] {Window.class});
                 meth.setAccessible(true);
               } catch (Exception e) {
                 // Must never happen
                 e.printStackTrace();
               }
               return meth;
             }
           });
   if (meth != null) {
     // Meth refers static method
     try {
       return (Component) meth.invoke(null, new Object[] {w});
     } catch (Exception e) {
       // Must never happen
       e.printStackTrace();
     }
   }
   // Will get here if exception was thrown or meth is null
   return w.getMostRecentFocusOwner();
 }
Beispiel #3
0
 /** Get a class loader. Create in a restricted context */
 synchronized AppletClassLoader getClassLoader(final URL codebase, final String key) {
   AppletClassLoader c = classloaders.get(key);
   if (c == null) {
     AccessControlContext acc = getAccessControlContext(codebase);
     c =
         AccessController.doPrivileged(
             new PrivilegedAction<AppletClassLoader>() {
               @Override
               public AppletClassLoader run() {
                 AppletClassLoader ac = createClassLoader(codebase);
                 /* Should the creation of the classloader be
                  * within the class synchronized block?  Since
                  * this class is used by the plugin, take care
                  * to avoid deadlocks, or specialize
                  * AppletPanel within the plugin.  It may take
                  * an arbitrary amount of time to create a
                  * class loader (involving getting Jar files
                  * etc.) and may block unrelated applets from
                  * finishing createAppletThread (due to the
                  * class synchronization). If
                  * createAppletThread does not finish quickly,
                  * the applet cannot process other messages,
                  * particularly messages such as destroy
                  * (which timeout when called from the browser).
                  */
                 synchronized (getClass()) {
                   AppletClassLoader res = classloaders.get(key);
                   if (res == null) {
                     classloaders.put(key, ac);
                     return ac;
                   } else {
                     return res;
                   }
                 }
               }
             },
             acc);
   }
   return c;
 }
Beispiel #4
0
  /**
   * get the context for the AppletClassLoader we are creating. the context is granted permission to
   * create the class loader, connnect to the codebase, and whatever else the policy grants to all
   * codebases.
   */
  private AccessControlContext getAccessControlContext(final URL codebase) {

    PermissionCollection perms =
        AccessController.doPrivileged(
            new PrivilegedAction<PermissionCollection>() {
              @Override
              public PermissionCollection run() {
                Policy p = java.security.Policy.getPolicy();
                if (p != null) {
                  return p.getPermissions(
                      new CodeSource(null, (java.security.cert.Certificate[]) null));
                } else {
                  return null;
                }
              }
            });

    if (perms == null) perms = new Permissions();

    // XXX: this is needed to be able to create the classloader itself!

    perms.add(SecurityConstants.CREATE_CLASSLOADER_PERMISSION);

    Permission p;
    java.net.URLConnection urlConnection = null;
    try {
      urlConnection = codebase.openConnection();
      p = urlConnection.getPermission();
    } catch (java.io.IOException ioe) {
      p = null;
    }

    if (p != null) perms.add(p);

    if (p instanceof FilePermission) {

      String path = p.getName();

      int endIndex = path.lastIndexOf(File.separatorChar);

      if (endIndex != -1) {
        path = path.substring(0, endIndex + 1);

        if (path.endsWith(File.separator)) {
          path += "-";
        }
        perms.add(new FilePermission(path, SecurityConstants.FILE_READ_ACTION));
      }
    } else {
      URL locUrl = codebase;
      if (urlConnection instanceof JarURLConnection) {
        locUrl = ((JarURLConnection) urlConnection).getJarFileURL();
      }
      String host = locUrl.getHost();
      if (host != null && (host.length() > 0))
        perms.add(new SocketPermission(host, SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION));
    }

    ProtectionDomain domain =
        new ProtectionDomain(
            new CodeSource(codebase, (java.security.cert.Certificate[]) null), perms);
    AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] {domain});

    return acc;
  }
Beispiel #5
0
  /** Determine JDK level of an applet. */
  private void findAppletJDKLevel(Applet applet) {
    // To determine the JDK level of an applet, the
    // most reliable way is to check the major version
    // of the applet class file.

    // synchronized on applet class object, so calling from
    // different instances of the same applet will be
    // serialized.
    Class<?> appletClass = applet.getClass();

    synchronized (appletClass) {
      // Determine if the JDK level of an applet has been
      // checked before.
      Boolean jdk11Target = loader.isJDK11Target(appletClass);
      Boolean jdk12Target = loader.isJDK12Target(appletClass);

      // if applet JDK level has been checked before, retrieve
      // value and return.
      if (jdk11Target != null || jdk12Target != null) {
        jdk11Applet = (jdk11Target == null) ? false : jdk11Target.booleanValue();
        jdk12Applet = (jdk12Target == null) ? false : jdk12Target.booleanValue();
        return;
      }

      String name = appletClass.getName();

      // first convert any '.' to '/'
      name = name.replace('.', '/');

      // append .class
      final String resourceName = name + ".class";

      byte[] classHeader = new byte[8];

      try (InputStream is =
          AccessController.doPrivileged(
              (PrivilegedAction<InputStream>) () -> loader.getResourceAsStream(resourceName))) {

        // Read the first 8 bytes of the class file
        int byteRead = is.read(classHeader, 0, 8);

        // return if the header is not read in entirely
        // for some reasons.
        if (byteRead != 8) return;
      } catch (IOException e) {
        return;
      }

      // Check major version in class file header
      int major_version = readShort(classHeader, 6);

      // Major version in class file is as follows:
      //   45 - JDK 1.1
      //   46 - JDK 1.2
      //   47 - JDK 1.3
      //   48 - JDK 1.4
      //   49 - JDK 1.5
      if (major_version < 46) jdk11Applet = true;
      else if (major_version == 46) jdk12Applet = true;

      // Store applet JDK level in AppContext for later lookup,
      // e.g. page switch.
      loader.setJDK11Target(appletClass, jdk11Applet);
      loader.setJDK12Target(appletClass, jdk12Applet);
    }
  }