Details
-
Bug
-
Resolution: Incomplete
-
P3
-
7u55
-
x86_64
-
windows_7
Description
FULL PRODUCT VERSION :
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) Client VM (build 24.55-b03, mixed mode)
A DESCRIPTION OF THE PROBLEM :
Plugin2Classloader.getPermissions(CodeSource paramCodeSource) uses SandboxSecurity with a wrong URL:
In case the host equals the paramCodeSource's host, it uses "SandboxSecurity.getConnectPermission(getBaseURL());" instead of "SandboxSecurity.getConnectPermission(paramCodeSource.getLocation());"
-> This leads to a request on the baseUrl, and not the jar-URL.
It seems to be fixed in 8u05, but not in 7u60.
REGRESSION. Last worked in version 7u51
REPRODUCIBILITY :
This bug can be reproduced always.
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) Client VM (build 24.55-b03, mixed mode)
A DESCRIPTION OF THE PROBLEM :
Plugin2Classloader.getPermissions(CodeSource paramCodeSource) uses SandboxSecurity with a wrong URL:
In case the host equals the paramCodeSource's host, it uses "SandboxSecurity.getConnectPermission(getBaseURL());" instead of "SandboxSecurity.getConnectPermission(paramCodeSource.getLocation());"
-> This leads to a request on the baseUrl, and not the jar-URL.
It seems to be fixed in 8u05, but not in 7u60.
REGRESSION. Last worked in version 7u51
REPRODUCIBILITY :
This bug can be reproduced always.