You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ws.apache.org by ve...@apache.org on 2016/02/18 22:35:01 UTC

svn commit: r1731157 - /webservices/axiom/trunk/pom.xml

Author: veithen
Date: Thu Feb 18 21:35:01 2016
New Revision: 1731157

URL: http://svn.apache.org/viewvc?rev=1731157&view=rev
Log:
Correctly escape paths in the generated security policy file.

Modified:
    webservices/axiom/trunk/pom.xml

Modified: webservices/axiom/trunk/pom.xml
URL: http://svn.apache.org/viewvc/webservices/axiom/trunk/pom.xml?rev=1731157&r1=1731156&r2=1731157&view=diff
==============================================================================
--- webservices/axiom/trunk/pom.xml (original)
+++ webservices/axiom/trunk/pom.xml Thu Feb 18 21:35:01 2016
@@ -886,17 +886,19 @@
                         <configuration>
                             <scripts>
                                 <script><![CDATA[
+                                    import static groovy.json.StringEscapeUtils.escapeJava
+                                    
                                     if (project.packaging != 'pom' && project.properties['hermeticTests'] == 'true') {
                                         new File(project.build.directory, "test.policy").withWriter { out ->
                                             out.println "grant {"
-                                            out.println """  permission java.io.FilePermission "${java.home}${file.separator}-", "read";"""
-                                            out.println """  permission java.io.FilePermission "${settings.localRepository}${file.separator}-", "read";"""
+                                            out.println """  permission java.io.FilePermission "${escapeJava(System.properties.'java.home')}\${/}-", "read";"""
+                                            out.println """  permission java.io.FilePermission "${escapeJava(session.settings.localRepository)}\${/}-", "read";"""
                                             session.sortedProjects.each({
-                                                out.println """  permission java.io.FilePermission "${it.build.directory}${file.separator}*", "read";"""
+                                                out.println """  permission java.io.FilePermission "${escapeJava(it.build.directory)}\${/}*", "read";"""
                                             })
-                                            out.println """  permission java.io.FilePermission "${basedir}${file.separator}-", "read";"""
-                                            out.println """  permission java.io.FilePermission "${project.build.directory}", "read,write";"""
-                                            out.println """  permission java.io.FilePermission "${project.build.directory}${file.separator}-", "read,write,delete";"""
+                                            out.println """  permission java.io.FilePermission "${escapeJava(project.basedir.absolutePath)}\${/}-", "read";"""
+                                            out.println """  permission java.io.FilePermission "${escapeJava(project.build.directory)}", "read,write";"""
+                                            out.println """  permission java.io.FilePermission "${escapeJava(project.build.directory)}\${/}-", "read,write,delete";"""
                                             out.println """  permission java.lang.RuntimePermission "*";"""
                                             out.println """  permission java.lang.reflect.ReflectPermission "*";"""
                                             out.println """  permission java.net.NetPermission "*";"""