提交 0dadd786 编写于 作者: M michaelm

8010464: Evolve java networking same origin policy

Reviewed-by: alanb, chegar, dsamersoff, weijun
上级 8d027635
......@@ -50,6 +50,18 @@ import java.util.Date;
* <a href="doc-files/net-properties.html#Proxies">Proxy settings</a> as well as
* <a href="doc-files/net-properties.html#MiscHTTP"> various other settings</a>.
* </P>
* <p>
* <b>Security permissions</b>
* <p>
* If a security manager is installed, and if a method is called which results in an
* attempt to open a connection, the caller must possess either:-
* <ul><li>a "connect" {@link SocketPermission} to the host/port combination of the
* destination URL or</li>
* <li>a {@link HttpURLPermission} that permits this request.</li>
* </ul><p>
* If automatic redirection is enabled, and this request is redirected to another
* destination, then the caller must also have permission to connect to the
* redirected host/URL.
*
* @see java.net.HttpURLConnection#disconnect()
* @since JDK1.1
......
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
* particular file as subject to the "Classpath" exception as provided
* by Oracle in the LICENSE file that accompanied this code.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
package java.net;
import java.io.ObjectInputStream;
import java.io.IOException;
import java.util.List;
import java.util.ArrayList;
import java.util.Collections;
import java.security.Permission;
/**
* Represents permission to access a resource or set of resources defined by a
* given http or https url, and for a given set of user-settable request methods
* and request headers. The <i>name</i> of the permission is the url string.
* The <i>actions</i> string is a concatenation of the request methods and headers.
* The range of method and header names is not restricted by this class.
* <p><b>The url</b><p>
* The url string is also used to instantiate a {@link URI} object which is
* used for comparison with other HttpURLPermission instances. Therefore, any
* references in this specification to url, mean this URI object.
* The path component of the url comprises a sequence of path segments, separated
* by '/' characters. The path is specified in a similar way to the path
* in {@link java.io.FilePermission}. There are three different ways
* as the following examples show:
* <table border>
* <tr><th>Example url</th><th>Description</th></tr>
* <tr><td style="white-space:nowrap;">http://www.oracle.com/a/b/c.html</td>
* <td>A url which identifies a specific (single) resource</td>
* </tr>
* <tr><td>http://www.oracle.com/a/b/*</td>
* <td>The '*' character refers to all resources in the same "directory" - in
* other words all resources with the same number of path components, and
* which only differ in the final path component, represented by the '*'.
* </td>
* </tr>
* <tr><td>http://www.oracle.com/a/b/-</li>
* <td>The '-' character refers to all resources recursively below the
* preceding path (eg. http://www.oracle.com/a/b/c/d/e.html matches this
* example).
* </td>
* </tr>
* </table>
* <p>
* The '*' and '-' may only be specified in the final segment of a path and must be
* the only character in that segment. Any query or fragment components of the
* url are ignored when constructing HttpURLPermissions.
* <p>
* As a special case, urls of the form, "http:*" or "https:*" are accepted to
* mean any url of the given scheme.
* <p><b>The actions string</b><p>
* The actions string of a HttpURLPermission is a concatenation of the <i>method list</i>
* and the <i>request headers list</i>. These are lists of the permitted HTTP request
* methods and permitted request headers of the permission (respectively). The two lists
* are separated by a colon ':' character and elements of each list are comma separated.
* Some examples are:
* <pre>
* "POST,GET,DELETE"
* "GET:X-Foo-Request,X-Bar-Request"
* "POST,GET:Header1,Header2"
* </pre>
* The first example specifies the methods: POST, GET and DELETE, but no request headers.
* The second example specifies one request method and two headers. The third
* example specifies two request methods, and two headers.
* <p>
* The colon separator need not be present if the request headers list is empty.
* No white-space is permitted in the actions string. The action strings supplied to
* the HttpURLPermission constructors are case-insensitive and are normalized by converting
* method names to upper-case and header names to the form defines in RFC2616 (lower case
* with initial letter of each word capitalized). Either list can contain a wild-card '*'
* character which signifies all request methods or headers respectively.
* <p>
* Note. Depending on the context of use, some request methods and headers may be permitted
* at all times, and others may not be permitted at any time. For example, the
* HTTP protocol handler might disallow certain headers such as Content-Length
* from being set by application code, regardless of whether the security policy
* in force, permits it.
*
* @since 1.8
*/
public final class HttpURLPermission extends Permission {
private static final long serialVersionUID = -2702463814894478682L;
private transient URI uri;
private transient List<String> methods;
private transient List<String> requestHeaders;
// serialized field
private String actions;
/**
* Creates a new HttpURLPermission from a url string and which permits the given
* request methods and user-settable request headers.
* The name of the permission is its url string. Only the scheme, authority
* and path components of the url are used. Any fragment or query
* components are ignored. The permissions action string is as specified above.
*
* @param url the url string
*
* @param actions the actions string
*
* @throws IllegalArgumentException if url does not result in a valid {@link URI},
* its scheme is not http or https, or if actions contains white-space.
*/
public HttpURLPermission(String url, String actions) {
super(url);
init(actions);
}
private void init(String actions) {
URI uri = parseURI(getName());
int colon = actions.indexOf(':');
if (actions.lastIndexOf(':') != colon) {
throw new IllegalArgumentException("invalid actions string");
}
String methods, headers;
if (colon == -1) {
methods = actions;
headers = "";
} else {
methods = actions.substring(0, colon);
headers = actions.substring(colon+1);
}
List<String> l = normalizeMethods(methods);
Collections.sort(l);
this.methods = Collections.unmodifiableList(l);
l = normalizeHeaders(headers);
Collections.sort(l);
this.requestHeaders = Collections.unmodifiableList(l);
this.actions = actions();
this.uri = uri;
}
/**
* Creates a HttpURLPermission with the given url string and unrestricted
* methods and request headers by invoking the two argument
* constructor as follows: HttpURLPermission(url, "*:*")
*
* @throws IllegalArgumentException if url does not result in a valid {@link URI}
*/
public HttpURLPermission(String url) {
this(url, "*:*");
}
/**
* Returns the normalized method list and request
* header list, in the form:
* <pre>
* "method-names : header-names"
* </pre>
* <p>
* where method-names is the list of methods separated by commas
* and header-names is the list of permitted headers separated by commas.
* There is no white space in the returned String. If header-names is empty
* then the colon separator will not be present.
*/
public String getActions() {
return actions;
}
/**
* Checks if this HttpURLPermission implies the given permission.
* Specifically, the following checks are done as if in the
* following sequence:
* <p><ul>
* <li>if 'p' is not an instance of HttpURLPermission return false</li>
* <li>if any of p's methods are not in this's method list, and if
* this's method list is not equal to "*", then return false.</li>
* <li>if any of p's headers are not in this's request header list, and if
* this's request header list is not equal to "*", then return false.</li>
* <li>if this's url is equal to p's url , then return true</li>
* <li>if this's url scheme is not equal to p's url scheme return false</li>
* <li>if the scheme specific part of this's url is '*' return true</li>
* <li>if this's url authority is not equal to p's url authority
* return false</li>
* <li>if the path or paths specified by p's url are contained in the
* set of paths specified by this's url, then return true
* <li>otherwise, return false</li>
* </ol>
* <p>
* Some examples of how paths are matched are shown below:
* <p>
* <table border>
* <tr><th>this's path</th><th>p's path</th><th>match</th></tr>
* <tr><td>/a/b</td><td>/a/b</td><td>yes</td></tr>
* <tr><td>/a/b/*</td><td>/a/b/c</td><td>yes</td></tr>
* <tr><td>/a/b/*</td><td>/a/b/c/d</td><td>no</td></tr>
* <tr><td>/a/b/-</td><td>/a/b/c/d</td><td>yes</td></tr>
* <tr><td>/a/b/-</td><td>/a/b/c/d/e</td><td>yes</td></tr>
* <tr><td>/a/b/-</td><td>/a/b/c/*</td><td>yes</td></tr>
* <tr><td>/a/b/*</td><td>/a/b/c/-</td><td>no</td></tr>
* </table>
*/
public boolean implies(Permission p) {
if (! (p instanceof HttpURLPermission)) {
return false;
}
HttpURLPermission that = (HttpURLPermission)p;
if (!this.methods.get(0).equals("*") &&
Collections.indexOfSubList(this.methods, that.methods) == -1) {
return false;
}
if (this.requestHeaders.isEmpty() && !that.requestHeaders.isEmpty()) {
return false;
}
if (!this.requestHeaders.isEmpty() &&
!this.requestHeaders.get(0).equals("*") &&
Collections.indexOfSubList(this.requestHeaders,
that.requestHeaders) == -1) {
return false;
}
if (this.uri.equals(that.uri)) {
return true;
}
if (!this.uri.getScheme().equals(that.uri.getScheme())) {
return false;
}
if (this.uri.getSchemeSpecificPart().equals("*")) {
return true;
}
String thisAuthority = this.uri.getAuthority();
if (thisAuthority != null &&
!thisAuthority.equals(that.uri.getAuthority())) {
return false;
}
String thispath = this.uri.getPath();
String thatpath = that.uri.getPath();
if (thispath.endsWith("/-")) {
String thisprefix = thispath.substring(0, thispath.length() - 1);
return thatpath.startsWith(thisprefix);
}
if (thispath.endsWith("/*")) {
String thisprefix = thispath.substring(0, thispath.length() - 1);
if (!thatpath.startsWith(thisprefix)) {
return false;
}
String thatsuffix = thatpath.substring(thisprefix.length());
// suffix must not contain '/' chars
if (thatsuffix.indexOf('/') != -1) {
return false;
}
if (thatsuffix.equals("-")) {
return false;
}
return true;
}
return false;
}
/**
* Returns true if, this.getActions().equals(p.getActions())
* and p's url equals this's url. Returns false otherwise.
*/
public boolean equals(Object p) {
if (!(p instanceof HttpURLPermission)) {
return false;
}
HttpURLPermission that = (HttpURLPermission)p;
return this.getActions().equals(that.getActions()) &&
this.uri.equals(that.uri);
}
/**
* Returns a hashcode calculated from the hashcode of the
* actions String and the url
*/
public int hashCode() {
return getActions().hashCode() + uri.hashCode();
}
private List<String> normalizeMethods(String methods) {
List<String> l = new ArrayList<>();
StringBuilder b = new StringBuilder();
for (int i=0; i<methods.length(); i++) {
char c = methods.charAt(i);
if (c == ',') {
String s = b.toString();
if (s.length() > 0)
l.add(s);
b = new StringBuilder();
} else if (c == ' ' || c == '\t') {
throw new IllegalArgumentException("white space not allowed");
} else {
if (c >= 'a' && c <= 'z') {
c += 'A' - 'a';
}
b.append(c);
}
}
String s = b.toString();
if (s.length() > 0)
l.add(s);
return l;
}
private List<String> normalizeHeaders(String headers) {
List<String> l = new ArrayList<>();
StringBuilder b = new StringBuilder();
boolean capitalizeNext = true;
for (int i=0; i<headers.length(); i++) {
char c = headers.charAt(i);
if (c >= 'a' && c <= 'z') {
if (capitalizeNext) {
c += 'A' - 'a';
capitalizeNext = false;
}
b.append(c);
} else if (c == ' ' || c == '\t') {
throw new IllegalArgumentException("white space not allowed");
} else if (c == '-') {
capitalizeNext = true;
b.append(c);
} else if (c == ',') {
String s = b.toString();
if (s.length() > 0)
l.add(s);
b = new StringBuilder();
capitalizeNext = true;
} else {
capitalizeNext = false;
b.append(c);
}
}
String s = b.toString();
if (s.length() > 0)
l.add(s);
return l;
}
private URI parseURI(String url) {
URI u = URI.create(url);
String scheme = u.getScheme();
if (!(scheme.equalsIgnoreCase("http") ||
scheme.equalsIgnoreCase("https"))) {
throw new IllegalArgumentException ("unexpected URL scheme");
}
if (!u.getSchemeSpecificPart().equals("*")) {
u = URI.create(scheme + "://" + u.getAuthority() + u.getPath());
}
return u;
}
private String actions() {
StringBuilder b = new StringBuilder();
for (String s : methods) {
b.append(s);
}
b.append(":");
for (String s : requestHeaders) {
b.append(s);
}
return b.toString();
}
/**
* restore the state of this object from stream
*/
private void readObject(ObjectInputStream s)
throws IOException, ClassNotFoundException {
ObjectInputStream.GetField fields = s.readFields();
String actions = (String)fields.get("actions", null);
init(actions);
}
}
......@@ -31,12 +31,7 @@ package sun.net.www;
import java.io.*;
import java.util.Collections;
import java.util.Map;
import java.util.HashMap;
import java.util.List;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.NoSuchElementException;
import java.util.*;
/** An RFC 844 or MIME message header. Includes methods
for parsing headers from incoming streams, fetching
......@@ -59,6 +54,17 @@ class MessageHeader {
parseHeader(is);
}
/**
* Returns list of header names in a comma separated list
*/
public synchronized String getHeaderNamesInList() {
StringJoiner joiner = new StringJoiner(",");
for (int i=0; i<nkeys; i++) {
joiner.add(keys[i]);
}
return joiner.toString();
}
/**
* Reset a message header (all key/values removed)
*/
......
......@@ -36,6 +36,7 @@ import java.net.HttpCookie;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.net.SocketTimeoutException;
import java.net.SocketPermission;
import java.net.Proxy;
import java.net.ProxySelector;
import java.net.URI;
......@@ -45,8 +46,13 @@ import java.net.ResponseCache;
import java.net.CacheResponse;
import java.net.SecureCacheResponse;
import java.net.CacheRequest;
import java.net.HttpURLPermission;
import java.net.Authenticator.RequestorType;
import java.security.AccessController;
import java.security.PrivilegedExceptionAction;
import java.security.PrivilegedActionException;
import java.io.*;
import java.net.*;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
......@@ -303,6 +309,19 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
*/
private MessageHeader requests;
/* The headers actually set by the user are recorded here also
*/
private MessageHeader userHeaders;
/* Headers and request method cannot be changed
* once this flag is set in :-
* - getOutputStream()
* - getInputStream())
* - connect()
* Access synchronized on this.
*/
private boolean connecting = false;
/* The following two fields are only used with Digest Authentication */
String domain; /* The list of authentication domains */
DigestAuthentication.Parameters digestparams;
......@@ -370,6 +389,9 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
private int connectTimeout = NetworkClient.DEFAULT_CONNECT_TIMEOUT;
private int readTimeout = NetworkClient.DEFAULT_READ_TIMEOUT;
/* A permission converted from a HttpURLPermission */
private SocketPermission socketPermission;
/* Logging support */
private static final PlatformLogger logger =
PlatformLogger.getLogger("sun.net.www.protocol.http.HttpURLConnection");
......@@ -487,6 +509,14 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
}
public synchronized void setRequestMethod(String method)
throws ProtocolException {
if (connecting) {
throw new IllegalStateException("connect in progress");
}
super.setRequestMethod(method);
}
/* adds the standard key/val pairs to reqests if necessary & write to
* given PrintStream
*/
......@@ -729,6 +759,7 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
super(u);
requests = new MessageHeader();
responses = new MessageHeader();
userHeaders = new MessageHeader();
this.handler = handler;
instProxy = p;
if (instProxy instanceof sun.net.ApplicationProxy) {
......@@ -849,6 +880,9 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
// overridden in HTTPS subclass
public void connect() throws IOException {
synchronized (this) {
connecting = true;
}
plainConnect();
}
......@@ -867,10 +901,86 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return false;
}
private String getHostAndPort(URL url) {
String host = url.getHost();
int port = url.getPort();
if (port == -1) {
String scheme = url.getProtocol();
if ("http".equals(scheme)) {
return host + ":80";
} else { // scheme must be https
return host + ":443";
}
}
return host + ":" + Integer.toString(port);
}
protected void plainConnect() throws IOException {
if (connected) {
return;
synchronized (this) {
if (connected) {
return;
}
}
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
AccessController.doPrivileged(
new PrivilegedExceptionAction<Void>() {
public Void run() throws IOException {
plainConnect0();
return null;
}
}
// }, null, p -- replace line above, when limited doPriv ready
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
// run without additional permission
plainConnect0();
}
}
/**
* if the caller has a HttpURLPermission for connecting to the
* given URL, then return a SocketPermission which permits
* access to that destination. Return null otherwise. The permission
* is cached in a field (which can only be changed by redirects)
*/
SocketPermission URLtoSocketPermission(URL url) throws IOException {
if (socketPermission != null) {
return socketPermission;
}
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return null;
}
// the permission, which we might grant
SocketPermission newPerm = new SocketPermission(
getHostAndPort(url), "connect"
);
String actions = getRequestMethod()+":" +
getUserSetHeaders().getHeaderNamesInList();
HttpURLPermission p = new HttpURLPermission(url.toString(), actions);
try {
sm.checkPermission(p);
socketPermission = newPerm;
return socketPermission;
} catch (SecurityException e) {
// fall thru
}
return null;
}
protected void plainConnect0() throws IOException {
// try to see if request can be served from local cache
if (cacheHandler != null && getUseCaches()) {
try {
......@@ -1068,7 +1178,28 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
@Override
public synchronized OutputStream getOutputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivileged(
new PrivilegedExceptionAction<OutputStream>() {
public OutputStream run() throws IOException {
return getOutputStream0();
}
}
// }, null, p -- replace line above, when limited doPriv ready
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getOutputStream0();
}
}
private synchronized OutputStream getOutputStream0() throws IOException {
try {
if (!doOutput) {
throw new ProtocolException("cannot write to a URLConnection"
......@@ -1231,8 +1362,30 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
}
@Override
@SuppressWarnings("empty-statement")
public synchronized InputStream getInputStream() throws IOException {
connecting = true;
SocketPermission p = URLtoSocketPermission(this.url);
if (p != null) {
try {
return AccessController.doPrivileged(
new PrivilegedExceptionAction<InputStream>() {
public InputStream run() throws IOException {
return getInputStream0();
}
}
// }, null, p -- replace line above, when limited doPriv ready
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
return getInputStream0();
}
}
@SuppressWarnings("empty-statement")
private synchronized InputStream getInputStream0() throws IOException {
if (!doInput) {
throw new ProtocolException("Cannot read from URLConnection"
......@@ -2319,18 +2472,19 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
return false;
}
int stat = getResponseCode();
final int stat = getResponseCode();
if (stat < 300 || stat > 307 || stat == 306
|| stat == HTTP_NOT_MODIFIED) {
return false;
}
String loc = getHeaderField("Location");
final String loc = getHeaderField("Location");
if (loc == null) {
/* this should be present - if not, we have no choice
* but to go forward w/ the response we got
*/
return false;
}
URL locUrl;
try {
locUrl = new URL(loc);
......@@ -2342,6 +2496,38 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
// treat loc as a relative URI to conform to popular browsers
locUrl = new URL(url, loc);
}
final URL locUrl0 = locUrl;
socketPermission = null; // force recalculation
SocketPermission p = URLtoSocketPermission(locUrl);
if (p != null) {
try {
return AccessController.doPrivileged(
new PrivilegedExceptionAction<Boolean>() {
public Boolean run() throws IOException {
return followRedirect0(loc, stat, locUrl0);
}
}
// }, null, p -- replace line above, when limited doPriv ready
);
} catch (PrivilegedActionException e) {
throw (IOException) e.getException();
}
} else {
// run without additional permission
return followRedirect0(loc, stat, locUrl);
}
}
/* Tells us whether to follow a redirect. If so, it
* closes the connection (break any keep-alive) and
* resets the url, re-connects, and resets the request
* property.
*/
private boolean followRedirect0(String loc, int stat, URL locUrl)
throws IOException
{
disconnectInternal();
if (streaming()) {
throw new HttpRetryException (RETRY_MSG3, stat, loc);
......@@ -2753,17 +2939,24 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @param value the value to be set
*/
@Override
public void setRequestProperty(String key, String value) {
if (connected)
public synchronized void setRequestProperty(String key, String value) {
if (connected || connecting)
throw new IllegalStateException("Already connected");
if (key == null)
throw new NullPointerException ("key is null");
if (isExternalMessageHeaderAllowed(key, value)) {
requests.set(key, value);
if (!key.equalsIgnoreCase("Content-Type")) {
userHeaders.set(key, value);
}
}
}
MessageHeader getUserSetHeaders() {
return userHeaders;
}
/**
* Adds a general request property specified by a
* key-value pair. This method will not overwrite
......@@ -2776,14 +2969,17 @@ public class HttpURLConnection extends java.net.HttpURLConnection {
* @since 1.4
*/
@Override
public void addRequestProperty(String key, String value) {
if (connected)
public synchronized void addRequestProperty(String key, String value) {
if (connected || connecting)
throw new IllegalStateException("Already connected");
if (key == null)
throw new NullPointerException ("key is null");
if (isExternalMessageHeaderAllowed(key, value)) {
requests.add(key, value);
if (!key.equalsIgnoreCase("Content-Type")) {
userHeaders.add(key, value);
}
}
}
......
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.net.HttpURLPermission;
import java.io.*;
/**
* @test
* @bug 8010464
*/
public class HttpURLPermissionTest {
// super class for all test types
abstract static class Test {
boolean expected;
abstract boolean execute();
};
// Tests URL part of implies() method. This is the main test.
static class URLImpliesTest extends Test {
String arg1, arg2;
URLImpliesTest(String arg1, String arg2, boolean expected) {
this.arg1 = arg1;
this.arg2 = arg2;
this.expected = expected;
}
boolean execute() {
HttpURLPermission p1 = new HttpURLPermission (arg1, "GET:*");
HttpURLPermission p2 = new HttpURLPermission (arg2, "GET:*");
boolean result = p1.implies(p2);
return result == expected;
}
};
static URLImpliesTest imtest(String arg1, String arg2, boolean expected) {
return new URLImpliesTest(arg1, arg2, expected);
}
static class ActionImpliesTest extends Test {
String arg1, arg2;
ActionImpliesTest(String arg1, String arg2, boolean expected) {
this.arg1 = arg1;
this.arg2 = arg2;
this.expected = expected;
}
boolean execute() {
String url1 = "http://www.foo.com/-";
String url2 = "http://www.foo.com/a/b";
HttpURLPermission p1 = new HttpURLPermission(url1, arg1);
HttpURLPermission p2 = new HttpURLPermission(url2, arg2);
boolean result = p1.implies(p2);
return result == expected;
}
}
static ActionImpliesTest actest(String arg1, String arg2, boolean expected) {
return new ActionImpliesTest(arg1, arg2, expected);
}
static Test[] pathImplies = {
// single
imtest("http://www.foo.com/", "http://www.foo.com/", true),
imtest("http://www.bar.com/", "http://www.foo.com/", false),
imtest("http://www.foo.com/a/b", "http://www.foo.com/", false),
imtest("http://www.foo.com/a/b", "http://www.foo.com/a/b/c", false),
// wildcard
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/c", true),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/*", true),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/c#frag", true),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/c#frag?foo=foo", true),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/b/b/c", false),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/c.html", true),
imtest("http://www.foo.com/a/b/*", "http://www.foo.com/a/b/c.html", true),
imtest("http://www.foo.com/a/b/*", "https://www.foo.com/a/b/c", false),
// recursive
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/-", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c#frag", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c#frag?foo=foo", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/b/b/c", false),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c.html", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c.html", true),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c/d/e.html", true),
imtest("https://www.foo.com/a/b/-", "http://www.foo.com/a/b/c/d/e.html", false),
imtest("http://www.foo.com/a/b/-", "http://www.foo.com/a/b/c/d/e#frag", true),
imtest("http://www.foo.com/a/b/-", "https://www.foo.com/a/b/c", false),
// special cases
imtest("http:*", "https://www.foo.com/a/b/c", false),
imtest("http:*", "http://www.foo.com/a/b/c", true),
imtest("http:*", "http://foo/bar", true),
imtest("http://foo/bar", "https://foo/bar", false)
};
static Test[] actionImplies = {
actest("GET", "GET", true),
actest("GET", "POST", false),
actest("GET:", "PUT", false),
actest("GET:", "GET", true),
actest("GET,POST", "GET", true),
actest("GET,POST:", "GET", true),
actest("GET:X-Foo", "GET:x-foo", true),
actest("GET:X-Foo,X-bar", "GET:x-foo", true),
actest("GET:X-Foo", "GET:x-boo", false),
actest("GET:X-Foo,X-Bar", "GET:x-bar,x-foo", true),
actest("GET:X-Bar,X-Foo,X-Bar,Y-Foo", "GET:x-bar,x-foo", true),
actest("GET:*", "GET:x-bar,x-foo", true),
actest("*:*", "GET:x-bar,x-foo", true)
};
static boolean failed = false;
public static void main(String args[]) throws Exception {
for (int i=0; i<pathImplies.length ; i++) {
URLImpliesTest test = (URLImpliesTest)pathImplies[i];
Exception caught = null;
boolean result = false;
try {
result = test.execute();
} catch (Exception e) {
caught = e;
e.printStackTrace();
}
if (!result) {
failed = true;
System.out.println ("test failed: " + test.arg1 + ": " +
test.arg2 + " Exception: " + caught);
}
System.out.println ("path test " + i + " OK");
}
for (int i=0; i<actionImplies.length ; i++) {
ActionImpliesTest test = (ActionImpliesTest)actionImplies[i];
Exception caught = null;
boolean result = false;
try {
result = test.execute();
} catch (Exception e) {
caught = e;
e.printStackTrace();
}
if (!result) {
failed = true;
System.out.println ("test failed: " + test.arg1 + ": " +
test.arg2 + " Exception: " + caught);
}
System.out.println ("action test " + i + " OK");
}
serializationTest("http://www.foo.com/-", "GET,DELETE:*");
serializationTest("https://www.foo.com/-", "POST:X-Foo");
serializationTest("https:*", "*:*");
serializationTest("http://www.foo.com/a/b/s/", "POST:X-Foo");
serializationTest("http://www.foo.com/a/b/s/*", "POST:X-Foo");
if (failed) {
throw new RuntimeException("some tests failed");
}
}
static void serializationTest(String name, String actions)
throws Exception {
HttpURLPermission out = new HttpURLPermission(name, actions);
FileOutputStream fos = new FileOutputStream("out.ser");
ObjectOutputStream o = new ObjectOutputStream(fos);
o.writeObject(out);
FileInputStream fis = new FileInputStream("out.ser");
ObjectInputStream i = new ObjectInputStream(fis);
HttpURLPermission in = (HttpURLPermission)i.readObject();
if (!in.equals(out)) {
System.out.println ("FAIL");
System.out.println ("in = " + in);
System.out.println ("out = " + out);
failed = true;
}
}
}
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
import java.net.HttpURLPermission;
/*
* Run the tests once without security manager and once with
*
* @test
* @bug 8010464
* @compile ../../../com/sun/net/httpserver/SimpleSSLContext.java
* @run main/othervm/policy=policy.1 URLTest one
* @run main/othervm URLTest one
* @run main/othervm/policy=policy.2 URLTest two
* @run main/othervm URLTest two
* @run main/othervm/policy=policy.3 URLTest three
* @run main/othervm URLTest three
*/
import java.net.*;
import java.io.*;
import java.util.*;
import java.util.concurrent.*;
import java.util.logging.*;
import com.sun.net.httpserver.*;
import javax.net.ssl.*;
public class URLTest {
static boolean failed = false;
public static void main (String[] args) throws Exception {
boolean no = false, yes = true;
if (System.getSecurityManager() == null) {
yes = false;
}
createServers();
InetSocketAddress addr1 = httpServer.getAddress();
int port1 = addr1.getPort();
InetSocketAddress addr2 = httpsServer.getAddress();
int port2 = addr2.getPort();
// each of the following cases is run with a different policy file
switch (args[0]) {
case "one":
String url1 = "http://127.0.0.1:"+ port1 + "/foo.html";
String url2 = "https://127.0.0.1:"+ port2 + "/foo.html";
String url3 = "http://127.0.0.1:"+ port1 + "/bar.html";
String url4 = "https://127.0.0.1:"+ port2 + "/bar.html";
// simple positive test. Should succceed
test(url1, "GET", "X-Foo", no);
test(url1, "GET", "Z-Bar", "X-Foo", no);
test(url1, "GET", "X-Foo", "Z-Bar", no);
test(url1, "GET", "Z-Bar", no);
test(url2, "POST", "X-Fob", no);
// reverse the methods, should fail
test(url1, "POST", "X-Foo", yes);
test(url2, "GET", "X-Fob", yes);
// different URLs, should fail
test(url3, "GET", "X-Foo", yes);
test(url4, "POST", "X-Fob", yes);
break;
case "two":
url1 = "http://127.0.0.1:"+ port1 + "/foo.html";
url2 = "https://127.0.0.1:"+ port2 + "/foo.html";
url3 = "http://127.0.0.1:"+ port1 + "/bar.html";
url4 = "https://127.0.0.1:"+ port2 + "/bar.html";
// simple positive test. Should succceed
test(url1, "GET", "X-Foo", no);
test(url2, "POST", "X-Fob", no);
test(url3, "GET", "X-Foo", no);
test(url4, "POST", "X-Fob", no);
break;
case "three":
url1 = "http://127.0.0.1:"+ port1 + "/foo.html";
url2 = "https://127.0.0.1:"+ port2 + "/a/c/d/e/foo.html";
url3 = "http://127.0.0.1:"+ port1 + "/a/b/c";
url4 = "https://127.0.0.1:"+ port2 + "/a/b/c";
test(url1, "GET", "X-Foo", yes);
test(url2, "POST", "X-Zxc", no);
test(url3, "DELETE", "Y-Foo", no);
test(url4, "POST", "Y-Foo", yes);
break;
}
shutdown();
if (failed) {
throw new RuntimeException("Test failed");
}
}
public static void test (
String u, String method,
String header, boolean exceptionExpected
)
throws Exception
{
test(u, method, header, null, exceptionExpected);
}
public static void test (
String u, String method,
String header1, String header2, boolean exceptionExpected
)
throws Exception
{
URL url = new URL(u);
System.out.println ("url=" + u + " method="+method + " header1="+header1
+" header2 = " + header2
+" exceptionExpected="+exceptionExpected);
HttpURLConnection urlc = (HttpURLConnection)url.openConnection();
if (urlc instanceof HttpsURLConnection) {
HttpsURLConnection ssl = (HttpsURLConnection)urlc;
ssl.setHostnameVerifier(new HostnameVerifier() {
public boolean verify(String host, SSLSession sess) {
return true;
}
});
ssl.setSSLSocketFactory (ctx.getSocketFactory());
}
urlc.setRequestMethod(method);
if (header1 != null) {
urlc.addRequestProperty(header1, "foo");
}
if (header2 != null) {
urlc.addRequestProperty(header2, "bar");
}
try {
int g = urlc.getResponseCode();
if (exceptionExpected) {
failed = true;
System.out.println ("FAIL");
return;
}
if (g != 200) {
String s = Integer.toString(g);
throw new RuntimeException("unexpected response "+ s);
}
InputStream is = urlc.getInputStream();
int c,count=0;
byte[] buf = new byte[1024];
while ((c=is.read(buf)) != -1) {
count += c;
}
is.close();
} catch (RuntimeException e) {
if (! (e instanceof SecurityException) &&
!(e.getCause() instanceof SecurityException) ||
!exceptionExpected)
{
System.out.println ("FAIL");
//e.printStackTrace();
failed = true;
}
}
System.out.println ("OK");
}
static HttpServer httpServer;
static HttpsServer httpsServer;
static HttpContext c, cs;
static ExecutorService e, es;
static SSLContext ctx;
// These ports need to be hard-coded until we support port number
// ranges in the permission class
static final int PORT1 = 12567;
static final int PORT2 = 12568;
static void createServers() throws Exception {
InetSocketAddress addr1 = new InetSocketAddress (PORT1);
InetSocketAddress addr2 = new InetSocketAddress (PORT2);
httpServer = HttpServer.create (addr1, 0);
httpsServer = HttpsServer.create (addr2, 0);
MyHandler h = new MyHandler();
c = httpServer.createContext ("/", h);
cs = httpsServer.createContext ("/", h);
e = Executors.newCachedThreadPool();
es = Executors.newCachedThreadPool();
httpServer.setExecutor (e);
httpsServer.setExecutor (es);
// take the keystore from elsewhere in test hierarchy
String keysdir = System.getProperty("test.src")
+ "/../../../com/sun/net/httpserver/";
ctx = new SimpleSSLContext(keysdir).get();
httpsServer.setHttpsConfigurator(new HttpsConfigurator (ctx));
httpServer.start();
httpsServer.start();
}
static void shutdown() {
httpServer.stop(1);
httpsServer.stop(1);
e.shutdown();
es.shutdown();
}
static class MyHandler implements HttpHandler {
MyHandler() {
}
public void handle(HttpExchange x) throws IOException {
x.sendResponseHeaders(200, -1);
x.close();
}
}
}
//
// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
//
// This code is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License version 2 only, as
// published by the Free Software Foundation.
//
// This code is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
// version 2 for more details (a copy is included in the LICENSE file that
// accompanied this code).
//
// You should have received a copy of the GNU General Public License version
// 2 along with this work; if not, write to the Free Software Foundation,
// Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
//
// Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
// or visit www.oracle.com if you need additional information or have any
// questions.
//
grant {
permission java.net.HttpURLPermission "http://127.0.0.1:12567/foo.html", "GET:X-Foo,Z-Bar";
permission java.net.HttpURLPermission "https://127.0.0.1:12568/foo.html", "POST:X-Fob,T-Bar";
// needed for HttpServer
permission "java.net.SocketPermission" "localhost:1024-", "listen,resolve,accept";
permission "java.util.PropertyPermission" "test.src", "read";
permission java.io.FilePermission "${test.src}/../../../com/sun/net/httpserver/testkeys", "read";
//permission "java.util.logging.LoggingPermission" "control";
//permission "java.io.FilePermission" "/tmp/-", "read,write";
permission "java.lang.RuntimePermission" "modifyThread";
permission "java.lang.RuntimePermission" "setFactory";
};
// Normal permissions that aren't granted when run under jtreg
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant codeBase "file:${{java.home}}/jre/lib/rt.jar" {
permission java.security.AllPermission;
};
//
// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
//
// This code is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License version 2 only, as
// published by the Free Software Foundation.
//
// This code is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
// version 2 for more details (a copy is included in the LICENSE file that
// accompanied this code).
//
// You should have received a copy of the GNU General Public License version
// 2 along with this work; if not, write to the Free Software Foundation,
// Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
//
// Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
// or visit www.oracle.com if you need additional information or have any
// questions.
//
grant {
permission java.net.HttpURLPermission "http://127.0.0.1:12567/*", "GET:X-Foo";
permission java.net.HttpURLPermission "https://127.0.0.1:12568/*", "POST:X-Fob";
// needed for HttpServer
permission "java.net.SocketPermission" "localhost:1024-", "listen,resolve,accept";
permission "java.util.PropertyPermission" "test.src", "read";
permission java.io.FilePermission "${test.src}/../../../com/sun/net/httpserver/testkeys", "read";
//permission "java.util.logging.LoggingPermission" "control";
//permission "java.io.FilePermission" "/tmp/-", "read,write";
permission "java.lang.RuntimePermission" "modifyThread";
permission "java.lang.RuntimePermission" "setFactory";
};
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant codeBase "file:///export/repos/jdk8/build/linux-x86_64-normal-server-fastdebug/images/j2sdk-image/jre/lib/rt.jar" {
permission java.security.AllPermission;
};
//
// Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
// DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
//
// This code is free software; you can redistribute it and/or modify it
// under the terms of the GNU General Public License version 2 only, as
// published by the Free Software Foundation.
//
// This code is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
// FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
// version 2 for more details (a copy is included in the LICENSE file that
// accompanied this code).
//
// You should have received a copy of the GNU General Public License version
// 2 along with this work; if not, write to the Free Software Foundation,
// Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
//
// Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
// or visit www.oracle.com if you need additional information or have any
// questions.
//
grant {
permission java.net.HttpURLPermission "http://127.0.0.1:12567/a/b/-", "DELETE,GET:X-Foo,Y-Foo";
permission java.net.HttpURLPermission "https://127.0.0.1:12568/a/c/-", "POST:*";
// needed for HttpServer
permission "java.net.SocketPermission" "localhost:1024-", "listen,resolve,accept";
permission "java.util.PropertyPermission" "test.src", "read";
permission java.io.FilePermission "${test.src}/../../../com/sun/net/httpserver/testkeys", "read";
//permission "java.util.logging.LoggingPermission" "control";
//permission "java.io.FilePermission" "/tmp/-", "read,write";
permission "java.lang.RuntimePermission" "modifyThread";
permission "java.lang.RuntimePermission" "setFactory";
};
// Normal permissions that aren't granted when run under jtreg
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant codeBase "file:${{java.home}}/jre/lib/rt.jar" {
permission java.security.AllPermission;
};
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册