changed default behavior to not use SecureClassLoader, as it was causing issues since the latest security update

2013-12-02 20:50:04 +01:00 · 2013-12-02 20:50:04 +01:00 · e7f46b99e2
parent 408ac906bb
commit e7f46b99e2
2 changed files with 7 additions and 17 deletions
--- a/libs/lzma.jar
+++ b/libs/lzma.jar
--- a/src/java/org/lwjgl/util/applet/AppletLoader.java
+++ b/src/java/org/lwjgl/util/applet/AppletLoader.java
@ -56,7 +56,6 @@ import java.io.StringWriter;
 import java.io.Writer;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Field;
-import java.lang.reflect.Method;
 import java.net.HttpURLConnection;
 import java.net.JarURLConnection;
 import java.net.SocketPermission;
@ -70,7 +69,6 @@ import java.security.CodeSource;
 import java.security.PermissionCollection;
 import java.security.Permissions;
 import java.security.PrivilegedExceptionAction;
-import java.security.SecureClassLoader;
 import java.security.cert.Certificate;
 import java.util.Enumeration;
 import java.util.HashMap;
@ -1189,24 +1187,16 @@ public class AppletLoader extends Applet implements Runnable, AppletStub {
 				PermissionCollection perms = null;

 				try {
-					
-					// if mac, apply workaround for the multiple security dialog issue
-					if (isMacOS) {
-						// if certificates match the AppletLoader certificates then don't use SecureClassLoader to get further permissions
-						if (certificatesMatch(certs, codesource.getCertificates())) {
-							perms = new Permissions();
-							perms.add(new AllPermission());
-							return perms;
-						}
-					}
+                    // no permissions
+                    perms = new Permissions();

-					// getPermissions from original classloader is important as it checks for signed jars and shows any security dialogs needed
-					Method method = SecureClassLoader.class.getDeclaredMethod("getPermissions", new Class[] { CodeSource.class });
-					method.setAccessible(true);
-					perms = (PermissionCollection)method.invoke(getClass().getClassLoader(), new Object[] {codesource});
+                    // if certificates match the AppletLoader certificates then we should be all set
+                    if (certificatesMatch(certs, codesource.getCertificates())) {
+                        perms.add(new AllPermission());
+                        return perms;
+                    }

 					String host = getCodeBase().getHost();
-
 			        if (host != null && (host.length() > 0)) {
 			        	// add permission for downloaded jars to access host they were from
 			        	perms.add(new SocketPermission(host, "connect,accept"));