From 2a10f604b65f12ae5e8987bfa73cffcc1d5f796e Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Thu, 21 Jun 2012 20:30:53 +0200 Subject: Fix Bug 591: Fix 'jnlp.' aliasing of PropertyAccess.getProperty(..): Usually you set a property like jogamp.debug.IOUtil jogamp.debug=all to enable either IOUtil debugging or all debugging. In case you use Applets or JNLP you cannot use above property namespace, since it's considered insecure. GlueGen would allow you to use an 'jnlp.' alias, e.g.: jnlp.jogamp.debug.IOUtil jnlp.jogamp.debug=all The latter are secure properties and will be passed to the invoked JVM. All properties requested by PropertyAccess.getProperty(..) shall be aliased w/ 'jnlp.' (prepend 'jnlp.'), if no value could be found with the given key. --- .../com/jogamp/common/util/PropertyAccess.java | 47 ++++++++++++++-------- 1 file changed, 30 insertions(+), 17 deletions(-) (limited to 'src/java/com/jogamp') diff --git a/src/java/com/jogamp/common/util/PropertyAccess.java b/src/java/com/jogamp/common/util/PropertyAccess.java index 72d9c5e..51b9533 100644 --- a/src/java/com/jogamp/common/util/PropertyAccess.java +++ b/src/java/com/jogamp/common/util/PropertyAccess.java @@ -45,6 +45,7 @@ public class PropertyAccess { trustedPrefixes = new HashSet(); trustedPrefixes.add(javaws_prefix); trustedPrefixes.add(jnlp_prefix); + // 'jogamp.' and maybe other trusted prefixes will be added later via 'addTrustedPrefix()' } public static final void addTrustedPrefix(String prefix, Class certClass) { @@ -56,9 +57,9 @@ public class PropertyAccess { } public static final boolean isTrusted(String propertyKey) { - int dot1 = propertyKey.indexOf('.'); + final int dot1 = propertyKey.indexOf('.'); if(0<=dot1) { - return trustedPrefixes.contains(propertyKey.substring(0, dot1+1)); + return trustedPrefixes.contains(propertyKey.substring(0, dot1+1)); } else { return false; } @@ -136,24 +137,36 @@ public class PropertyAccess { if(0 == propertyKey.length()) { throw new IllegalArgumentException("propertyKey is empty"); } - if( isTrusted(propertyKey) ) { - // uses 'trusted' prefix, don't add jnlp prefix - return getTrustedPropKey(propertyKey); - } String s=null; - if( null != acc ) { - s = AccessController.doPrivileged(new PrivilegedAction() { - public String run() { - return System.getProperty(propertyKey); - } }, acc); + // int cause = 0; + + if( isTrusted(propertyKey) ) { + // 'trusted' property (jnlp., javaws., jogamp., ..) + s = getTrustedPropKey(propertyKey); + // cause = null != s ? 1 : 0; } else { - s = System.getProperty(propertyKey); - } + if( null != acc ) { + s = AccessController.doPrivileged(new PrivilegedAction() { + public String run() { + return System.getProperty(propertyKey); + } }, acc); + // cause = null != s ? 2 : 0; + } else { + s = System.getProperty(propertyKey); + // cause = null != s ? 3 : 0; + } + } if( null == s && jnlpAlias ) { - // Properties within the namespace "jnlp." or "javaws." should be considered trusted, - // i.e. always granted w/o special privileges. - s = getTrustedPropKey(jnlp_prefix + propertyKey); - } + // Try 'jnlp.' aliased property .. + if( !propertyKey.startsWith(jnlp_prefix) ) { + // Properties within the namespace "jnlp." or "javaws." should be considered trusted, + // i.e. always granted w/o special privileges. + s = getTrustedPropKey(jnlp_prefix + propertyKey); + // cause = null != s ? 4 : 0; + } + } + // System.err.println("Prop: <"+propertyKey+"> = <"+s+">, cause "+cause); + return s; } -- cgit v1.2.3