Bug Database
Bug ID: 6672250
Votes: 0
Synopsis: Regression: new jnlp.packEnabled property breaks sophisticated applets using LiveConnect
Category: java_deployment:download
Reported Against:
Release Fixed: 6u10(b14)
State: 11-Closed, Verified, bug
Priority: 2-High
Related Bugs: 6378311, 6665053
Submit Date: 06-MAR-2008
Description
The introduction of client-side Pack200 selection in 6378311 has introduced a regression in sophisticated applets using LiveConnect because of the fact that the new code does not use AccessController.doPrivileged() to read the jnlp.packEnabled system property. If JavaScript calls into Java and causes a resource to be loaded, since the JavaScript frame on the stack does not have the permission to read the jnlp.packEnabled system property, a SecurityException will be raised deep in the deployment code and the application will return null for their call to ClassLoader.getResourceAsStream(). This regression was reproduced with xxxxx's product at http://www.neurodna.com/ and may affect other real-world applets. It is related to an earlier bug, 6665053.
Posted Date : 2008-03-06 19:53:19.0
Work Around
N/A
Evaluation
The introduction of client-side Pack200 selection in 6378311 has
introduced a regression in sophisticated applets using LiveConnect
because of the fact that the new code does not use
AccessController.doPrivileged() to read the jnlp.packEnabled system
property. If JavaScript calls into Java and causes a resource to be
loaded, since the JavaScript frame on the stack does not have the
permission to read the jnlp.packEnabled system property, a
SecurityException will be raised deep in the deployment code and the
application will return null for their call to
ClassLoader.getResourceAsStream(). This regression was reproduced with
NeuroDNA's product at http://www.neurodna.com/ and may affect other
real-world applets. It is related to an earlier bug, 6665053.

Fixed this by properly using AccessController.doPrivileged() to fetch
this system property in the PluginURLJarFileCallBack. Also refactored
code in the new plug-in to grant the default set of permissions for
untrusted code to calls coming in from JavaScript, which are treated
as coming from untrusted code hosted at the document base.
Posted Date : 2008-03-07 03:13:38.0
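
The stack-walk behaviour described in the evaluation, as an added example that is not the deployment code or the actual fix: a direct read of jnlp.packEnabled beside a read wrapped in AccessController.doPrivileged(), both invoked under a caller context that holds no permissions. The class name PackEnabledDemo, its helper methods, the empty protection domain standing in for the JavaScript frame, and the grant-all policy are assumptions made for the demonstration; it needs a JDK on which a Security Manager can still be installed.

```java
import java.security.*;

public class PackEnabledDemo {
    static final String KEY = "jnlp.packEnabled";

    // Pre-fix pattern: the permission check walks the whole call stack,
    // so an unprivileged caller further up makes the read fail.
    static String readDirect() {
        return System.getProperty(KEY);
    }

    // Post-fix pattern: doPrivileged() stops the stack walk at this trusted frame,
    // so only this code's own permissions are consulted.
    static String readPrivileged() {
        return AccessController.doPrivileged(new PrivilegedAction<String>() {
            public String run() { return System.getProperty(KEY); }
        });
    }

    // Runs the action as if called from a frame holding no permissions
    // (constructed stand-in for the JavaScript caller in the bug report).
    static String fromSandbox(PrivilegedAction<String> action) {
        ProtectionDomain none = new ProtectionDomain(null, new Permissions());
        AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] { none });
        try {
            return AccessController.doPrivileged(action, acc);
        } catch (SecurityException e) {
            return "denied: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.setProperty(KEY, "true");
        // Constructed policy: this class plays the role of trusted deployment code.
        // The empty domain above has static permissions and ignores this policy.
        Policy.setPolicy(new Policy() {
            public boolean implies(ProtectionDomain d, Permission p) { return true; }
        });
        System.setSecurityManager(new SecurityManager());

        System.out.println("direct:     " + fromSandbox(new PrivilegedAction<String>() {
            public String run() { return readDirect(); }
        }));
        System.out.println("privileged: " + fromSandbox(new PrivilegedAction<String>() {
            public String run() { return readPrivileged(); }
        }));
    }
}
```

The privileged block wraps only the single property read and returns only its value, which keeps the trusted frame from lending its permissions to anything else the untrusted caller controls.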
PLEASE NOTE: JDK6 is formerly known as Project Mustang