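/**
 * Round-trips a {@link URLPermission} through Java serialization and checks that the copy read
 * back equals the original.
 *
 * <p>On a mismatch both objects are printed and the shared {@code failed} flag is set; the method
 * does not throw for a mismatch.
 *
 * @param name URL string handed to the {@code URLPermission} constructor
 * @param actions actions string handed to the {@code URLPermission} constructor
 * @throws Exception if constructing, writing or reading the permission fails
 */
static void serializationTest(String name, String actions) throws Exception {
    URLPermission out = new URLPermission(name, actions);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    // Closing the object stream flushes it, so the byte array is complete before it is read back.
    try (ObjectOutputStream o = new ObjectOutputStream(baos)) {
        o.writeObject(out);
    }

    URLPermission in;
    // readObject() only ever sees bytes produced a few lines above; this is not a pattern for
    // data that arrives from outside the process.
    try (ObjectInputStream i =
            new ObjectInputStream(new ByteArrayInputStream(baos.toByteArray()))) {
        in = (URLPermission) i.readObject();
    }

    if (!in.equals(out)) {
        System.out.println ("FAIL");
        System.out.println ("in = " + in);
        System.out.println ("out = " + out);
        failed = true;
    }
}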
/**
 * Test 2: single-level wildcard grants.
 *
 * <p>When a security manager is installed, the policy grants {@code GET} with header
 * {@code X-Foo} on {@code http://127.0.0.1:<httpPort>/*} and {@code POST} with header
 * {@code X-Fob} on {@code https://127.0.0.1:<httpsPort>/*}. All four requests below are
 * issued without an expect-exception argument.
 *
 * @throws IOException propagated from {@code test}
 */
static void test2() throws IOException {
    System.out.println("\n--- Test 2 ---");

    String httpBase = "http://127.0.0.1:" + httpPort;
    String httpsBase = "https://127.0.0.1:" + httpsPort;

    // Without a security manager no policy is installed and the requests run unchecked.
    if (System.getSecurityManager() != null) {
        Policy.setPolicy(new CustomPolicy(
                new URLPermission(httpBase + "/*", "GET:X-Foo"),
                new URLPermission(httpsBase + "/*", "POST:X-Fob")));
    }

    // Positive cases: method, header and path all fall inside the matching grant.
    test(httpBase + "/foo.html", "GET", "X-Foo");
    test(httpsBase + "/foo.html", "POST", "X-Fob");
    test(httpBase + "/bar.html", "GET", "X-Foo");
    test(httpsBase + "/bar.html", "POST", "X-Fob");
}
/**
 * Test 3: recursive ({@code /-}) path grants with method lists and a header wildcard.
 *
 * <p>When a security manager is installed, the policy grants {@code DELETE,GET} with headers
 * {@code X-Foo,Y-Foo} below {@code http://.../a/b/} and {@code POST} with any header below
 * {@code https://.../a/c/}. Two requests are passed the expect-exception flag, which is true
 * only when a security manager is present.
 *
 * @throws IOException propagated from {@code test}
 */
static void test3() throws IOException {
    System.out.println("\n--- Test 3 ---");

    // Denials can only be observed when a security manager enforces the policy.
    boolean expectException = System.getSecurityManager() != null;
    if (expectException) {
        Policy.setPolicy(new CustomPolicy(
                new URLPermission("http://127.0.0.1:"+httpPort+"/a/b/-", "DELETE,GET:X-Foo,Y-Foo"),
                new URLPermission("https://127.0.0.1:"+httpsPort+"/a/c/-", "POST:*")));
    }

    String httpBase = "http://127.0.0.1:" + httpPort;
    String httpsBase = "https://127.0.0.1:" + httpsPort;

    // Path is not under /a/b/.
    test(httpBase + "/foo.html", "GET", "X-Foo", expectException);
    // Nested path under /a/c/ with a header name the policy never lists explicitly.
    test(httpsBase + "/a/c/d/e/foo.html", "POST", "X-Zxc");
    // DELETE and Y-Foo both appear in the http grant.
    test(httpBase + "/a/b/c", "DELETE", "Y-Foo");
    // The https grant covers /a/c/, not /a/b/.
    test(httpsBase + "/a/b/c", "POST", "Y-Foo", expectException);
}
/**
 * Adds the baseline permissions shared by unsigned extensions and Groovy scripts.
 *
 * <p>The set is broad. It includes socket connect/listen/accept/resolve on every host, read
 * access to every environment variable, reflective access to declared members, and access to
 * all {@code sun.*} packages. Anything that receives these grants should be treated as able to
 * reach the network and read process configuration.
 *
 * @param permissions
 *            the permissions object which will get the permissions added to it
 */
private static void addCommonPermissions(Permissions permissions) {
    java.security.Permission[] baseline = {
        // Desktop and logging integration.
        new AudioPermission("play"),
        new AWTPermission("listenToAllAWTEvents"),
        new AWTPermission("setWindowAlwaysOnTop"),
        new AWTPermission("watchMousePointer"),
        new LoggingPermission("control", ""),

        // Network: any host, inbound as well as outbound.
        new SocketPermission("*", "connect, listen, accept, resolve"),
        // NOTE(review): URLPermission documents "*" as the host wildcard and a trailing "/-" as the
        // recursive path wildcard; confirm that "http://-" and "https://-" parse to the any-host
        // grant that appears to be intended here.
        new URLPermission("http://-", "*:*"),
        new URLPermission("https://-", "*:*"),

        // JDK library code reaches into sun.* classes, which may or may not perform an access
        // check, so every sun.* package has to be opened up. This grant is unwanted; remove it as
        // soon as it is no longer necessary.
        new RuntimePermission("accessClassInPackage.sun.*"),
        new RuntimePermission("accessDeclaredMembers"),
        // Covers every environment variable, including any that carry credentials.
        new RuntimePermission("getenv.*"),
        new RuntimePermission("getFileSystemAttributes"),
        new RuntimePermission("readFileDescriptor"),
        new RuntimePermission("writeFileDescriptor"),
        new RuntimePermission("queuePrintJob"),
        new NetPermission("specifyStreamHandler"),
    };

    // Added in declaration order, the same order the grants were listed originally.
    for (java.security.Permission grant : baseline) {
        permissions.add(grant);
    }
}
/**
 * Translates a {@code URLPermission} grant for {@code url} into a connect-only
 * {@code SocketPermission} for the same destination.
 *
 * <p>The URL permission checked is {@code protocol://authority/path} with the actions
 * {@code <request method>:<user-set header names>}; the query and fragment of {@code url} are
 * not part of the check. A successful result is stored in the {@code socketPermission} field and
 * reused on later calls (the original comment states that only redirects change that field).
 * A denial is not cached, so the check is repeated on the next call.
 *
 * @param url the destination about to be connected to
 * @return the socket permission to use, or {@code null} when no security manager is installed
 *         or the URL permission check is denied
 * @throws IOException declared by this method; presumably raised by {@code getHostAndPort}
 */
SocketPermission URLtoSocketPermission(URL url) throws IOException {
    if (socketPermission != null) {
        return socketPermission;
    }

    SecurityManager sm = System.getSecurityManager();
    if (sm == null) {
        return null;
    }

    // Built before the check, but only published if the check passes.
    SocketPermission connectOnly = new SocketPermission(getHostAndPort(url), "connect");

    String methodAndHeaders =
        getRequestMethod() + ":" + getUserSetHeaders().getHeaderNamesInList();
    String target = url.getProtocol() + "://" + url.getAuthority() + url.getPath();

    try {
        sm.checkPermission(new URLPermission(target, methodAndHeaders));
    } catch (SecurityException denied) {
        // No URLPermission for this request: report "no substitute permission" to the caller.
        return null;
    }

    socketPermission = connectOnly;
    return socketPermission;
}
/**
 * Positive parsing case: passes when {@code arg} is accepted by the one-argument
 * {@code URLPermission} constructor.
 *
 * @return {@code true} if construction succeeds, {@code false} if it throws any exception
 */
@Override
boolean execute() {
    try {
        // Only the constructor's validation matters; the instance itself is discarded.
        new URLPermission(arg);
    } catch (Exception e) {
        return false;
    }
    return true;
}
/**
 * Negative parsing case: passes only when the one-argument {@code URLPermission} constructor
 * rejects {@code arg} with an {@code IllegalArgumentException}.
 *
 * @return {@code true} if the constructor throws {@code IllegalArgumentException},
 *         {@code false} if it accepts the string; any other exception propagates
 */
@Override
boolean execute() {
    boolean rejected;
    try {
        new URLPermission(arg);
        // A malformed URL that parses cleanly is the failure this case exists to detect.
        rejected = false;
    } catch (IllegalArgumentException e) {
        rejected = true;
    }
    return rejected;
}
/**
 * URL-implication case: builds two permissions with identical {@code GET:*} actions so that
 * only the URL strings {@code arg1} and {@code arg2} decide the outcome of {@code implies}.
 *
 * <p>Both permissions are printed when the outcome differs from {@code expected}.
 *
 * @return {@code true} when {@code p1.implies(p2)} equals {@code expected}
 */
boolean execute() {
    URLPermission granted = new URLPermission (arg1, "GET:*");
    URLPermission requested = new URLPermission (arg2, "GET:*");

    boolean asExpected = granted.implies(requested) == expected;
    if (!asExpected) {
        System.out.println("p1 = " + granted);
        System.out.println("p2 = " + requested);
    }
    return asExpected;
}
/**
 * Actions-implication case: the URLs are fixed (a recursive grant on {@code www.foo.com} and a
 * path beneath it), so only the action strings {@code arg1} and {@code arg2} decide the outcome.
 *
 * @return {@code true} when {@code implies} returns the value held in {@code expected}
 */
@Override
boolean execute() {
    URLPermission granted = new URLPermission("http://www.foo.com/-", arg1);
    URLPermission requested = new URLPermission("http://www.foo.com/a/b", arg2);
    return granted.implies(requested) == expected;
}
/**
 * Equality case: builds one permission from each of {@code arg1} and {@code arg2} with the
 * one-argument constructor and compares them with {@code equals}.
 *
 * @return {@code true} when the equality result matches {@code expected}
 */
@Override
boolean execute() {
    URLPermission left = new URLPermission(arg1);
    URLPermission right = new URLPermission(arg2);
    return left.equals(right) == expected;
}
/**
 * Builds the {@link URLPermission} a caller needs for a request with the given details.
 *
 * <p>For {@code CONNECT} the permission name is the whole URI string, which must have the form
 * {@code scheme://host:port}, and the headers are ignored. For every other method the name is
 * {@code scheme://authority/path}, so the query and fragment are not covered by the check, and
 * the actions are the method followed by the header <em>names</em> only, never their values.
 * The method comparison is case-sensitive.
 *
 * @param uri request target
 * @param method request method; must not be {@code null}
 * @param headers request headers keyed by name; may be {@code null} or empty
 * @return the permission to check for this request
 */
public static URLPermission getPermission(URI uri,
                                          String method,
                                          Map<String, List<String>> headers) {
    if (method.equals("CONNECT")) {
        return new URLPermission(uri.toString(), "CONNECT");
    }

    String target = uri.getScheme() + "://" + uri.getAuthority() + uri.getPath();

    StringBuilder actions = new StringBuilder(method);
    if (headers != null && !headers.isEmpty()) {
        // "METHOD:Name1,Name2" in the key set's iteration order.
        actions.append(':').append(String.join(",", headers.keySet()));
    }
    return new URLPermission(target, actions.toString());
}
/**
 * Test 1: exact-path grants with explicit method and header lists.
 *
 * <p>When a security manager is installed, the policy grants {@code GET} with headers
 * {@code X-Foo,Z-Bar} on {@code http://.../foo.html} and {@code POST} with headers
 * {@code X-Fob,T-Bar} on {@code https://.../foo.html}. Requests that swap the method or use a
 * different path are passed the expect-exception flag, which is true only when a security
 * manager is present.
 *
 * @throws IOException propagated from {@code test}
 */
static void test1() throws IOException {
    System.out.println("\n--- Test 1 ---");

    // Denials can only be observed when a security manager enforces the policy.
    boolean expectException = System.getSecurityManager() != null;
    if (expectException) {
        Policy.setPolicy(new CustomPolicy(
                new URLPermission("http://127.0.0.1:"+httpPort+"/foo.html", "GET:X-Foo,Z-Bar"),
                new URLPermission("https://127.0.0.1:"+httpsPort+"/foo.html", "POST:X-Fob,T-Bar"))); 
    }

    String grantedHttp = "http://127.0.0.1:" + httpPort + "/foo.html";
    String grantedHttps = "https://127.0.0.1:" + httpsPort + "/foo.html";
    String otherHttp = "http://127.0.0.1:" + httpPort + "/bar.html";
    String otherHttps = "https://127.0.0.1:" + httpsPort + "/bar.html";

    // Granted method with any subset or ordering of the granted header names.
    test(grantedHttp, "GET", "X-Foo");
    test(grantedHttp, "GET", "Z-Bar", "X-Foo");
    test(grantedHttp, "GET", "X-Foo", "Z-Bar");
    test(grantedHttp, "GET", "Z-Bar");
    test(grantedHttps, "POST", "X-Fob");

    // Method swapped between the two grants: outside the policy.
    test(grantedHttp, "POST", "X-Foo", expectException);
    test(grantedHttps, "GET", "X-Fob", expectException);

    // Correct method and header but a path the policy does not name.
    test(otherHttp, "GET", "X-Foo", expectException);
    test(otherHttps, "POST", "X-Fob", expectException);
}
/**
 * General implication case: both the URLs ({@code url1}, {@code url2}) and the action strings
 * ({@code arg1}, {@code arg2}) come from the test instance.
 *
 * @return {@code true} when {@code implies} returns the value held in {@code expected}
 */
@Override
boolean execute() {
    URLPermission granted = new URLPermission(url1, arg1);
    URLPermission requested = new URLPermission(url2, arg2);
    return granted.implies(requested) == expected;
}
/**
 * Populates the policy used by the lookup test.
 *
 * <p>Grants: replacing the proxy selector, resolve/accept on localhost ports 1024 and above,
 * any method and header on two named HTTP hosts at {@code port}, and read/write/delete on
 * every file. The all-files grant is far wider than a production policy should carry.
 *
 * @throws Exception declared by the constructor; nothing in this body throws a checked exception
 */
LookupTestPolicy() throws Exception {
    perms.add(new NetPermission("setProxySelector"));
    perms.add(new SocketPermission("localhost:1024-", "resolve,accept"));

    // Same recursive, any-method/any-header grant for each host, in the original order.
    for (String host : new String[] {"allowedAndFound.com", "allowedButNotfound.com"}) {
        perms.add(new URLPermission("http://" + host + ":" + port + "/-", "*:*"));
    }

    perms.add(new FilePermission("<<ALL FILES>>", "read,write,delete"));
    // Left disabled in the original:
    //perms.add(new PropertyPermission("java.io.tmpdir", "read"));
}
/**
 * Returns the {@link URLPermission} that must be held to send a request with these details.
 *
 * <p>{@code CONNECT} requests are checked against the full URI string, expected in the form
 * {@code scheme://host:port}, with the single action {@code CONNECT}; headers play no part.
 * All other requests are checked against {@code scheme://authority/path}. The query string and
 * fragment are left out, and the actions list carries header names but not header values.
 *
 * @param uri request target
 * @param method request method, compared case-sensitively; must not be {@code null}
 * @param headers request headers keyed by name; {@code null} and empty are treated alike
 * @return the permission describing this request
 */
static URLPermission getPermission(URI uri,
                                   String method,
                                   Map<String, List<String>> headers) {
    final String urlstring;
    final String actionstring;

    if (!method.equals("CONNECT")) {
        urlstring = uri.getScheme() + "://" + uri.getAuthority() + uri.getPath();

        StringBuilder sb = new StringBuilder(method);
        boolean hasHeaders = headers != null && !headers.isEmpty();
        if (hasHeaders) {
            sb.append(':');
            // An empty separator before the first name, a comma before every later one.
            String separator = "";
            Set<String> names = headers.keySet();
            for (String name : names) {
                sb.append(separator).append(name);
                separator = ",";
            }
        }
        actionstring = sb.toString();
    } else {
        urlstring = uri.toString();
        actionstring = "CONNECT";
    }

    return new URLPermission(urlstring, actionstring);
}