You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by co...@jakarta.apache.org on 2004/08/12 09:37:19 UTC
[jira] Closed: (JELLY-90) SecurityException when using Jelly in applet or JAWS sandbox
Message:
The following issue has been closed.
Resolver: dion gillard
Date: Thu, 12 Aug 2004 12:36 AM
Done before
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JELLY-90
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JELLY-90
Summary: SecurityException when using Jelly in applet or JAWS sandbox
Type: Bug
Status: Closed
Priority: Major
Resolution: FIXED
Project: jelly
Components:
core / taglib.core
Fix Fors:
1.0-beta-4
Assignee:
Reporter: Scott Howlett
Created: Mon, 6 Oct 2003 11:32 AM
Updated: Thu, 12 Aug 2004 12:36 AM
Description:
Using Jelly in a sandboxed Java Web Start application or an applet raises a SecurityException because a JellyContext calls system.getProperties() when it is initialized to set up the "systemScope" context variable.
Placing that statement inside a try / catch block that swallows the SecurityException solves the problem for me.
Of course this means that "systemScope" is unavailable in these contexts, but that seems to be a fair compromise, especially since findVariable() does a System.getProperty() as a last resort anyway (and this one *is* properly encased in a block that catches SecurityException).
The relevant bit of code is JellyContext.init:
private void init() {
variables.put("context", this);
try {
variables.put("systemScope", System.getProperties());
}
catch (SecurityException e) {
// ignore security exceptions
}
}
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org