Closed Bug 59983 Opened 24 years ago Closed 24 years ago

win.getMembers("document") gives access denied and a security violation

Categories

(Core Graveyard :: Java: Live Connect, defect, P3)

x86
Windows NT
defect

Tracking

(Not tracked)

VERIFIED DUPLICATE of bug 59447

People

(Reporter: gary.kind, Assigned: jeff.dyer)

Details

Attachments

(1 file)

From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
BuildID:    

Using liveconnect, I can easily get the DOM window by calling
JSObject.getWindow(this) in an Applet's method other than init().  However if I
follow this up with the following statement:
JSObject myDoc = (JSObject) win.getMember("document");
I get an "access denied" and a security violation in the java console.
Being able to do a getMember on any JSObject is critical for our
Oracle products.  I consider this a showstopper and it needs to be 
addressed as quickly as your schedule permits.

Reproducible: Always
Steps to Reproduce:
1. Write a simple html file that contains the following:
<applet ID="App1"
        name="lcApplet"
        CODE="myclasses.liveConnect" 
        MAYSCRIPT
>
</applet>
<script>

function showAlert()
{
   alert ("JavaScript 'showAlert': called from applet.load() ");
}

document.lcApplet.load();
</script>

2.Write a simple Applet called liveConnect.java in a "myclasses" folder below 
the folder that contains your html file.  It should contain a public void 
method "load" with no args.
3.Of course, at the top, import netscape.javascript.*; to get the
  JSObject.class.
4. Put the following 3 lines in the load method:
   // Get the DOM window from JavaScript
   JSObject myWin = JSObject.getWindow(this);

   // Call the JavaScript function showAlert
   myWin.call("showAlert", null);

   // Get the DOM document object from JavaScript
   JSObject myDoc = (JSObject) myWin.getMember("document");
5. Compile the .java Applet file into a .class file.
6. Bring up the Netscape 6 or Mozilla Browser and open the 
   Java Console.
7. Enter the URL to the simple html file you created in step 1.
8. You should see the access denied and security violation when the
   JSObject myDoc = (JSObject) myWin.getMember("document");
   statement is executed.

Actual Results:  The following is a dump of what came up in my Java Console:
*******
textjava.security.AccessControlException: access denied (java.lang.RuntimePermission getProtectionDomain)
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at java.lang.Class.getProtectionDomain(Unknown Source)
    at sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(Unknown Source)
    at sun.plugin.liveconnect.SecureInvocation.ConstructObject(Unknown Source)
    at sun.plugin.javascript.navig5.JSObject.JSObjectGetMember(Native Method)
    at sun.plugin.javascript.navig5.JSObject.getMember(Unknown Source)
    at myclasses.liveConnect.setString(liveConnect.java:43)
    at java.lang.reflect.Method.invoke(Native Method)
    at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
java.security.PrivilegedActionException: java.lang.reflect.InvocationTargetException: java.security.AccessControlException: access denied (java.lang.RuntimePermission getProtectionDomain)
    at java.security.AccessControlContext.checkPermission(Unknown Source)
    at java.security.AccessController.checkPermission(Unknown Source)
    at java.lang.SecurityManager.checkPermission(Unknown Source)
    at java.lang.Class.getProtectionDomain(Unknown Source)
    at sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(Unknown Source)
    at sun.plugin.liveconnect.SecureInvocation.ConstructObject(Unknown Source)
    at sun.plugin.javascript.navig5.JSObject.JSObjectGetMember(Native Method)
    at sun.plugin.javascript.navig5.JSObject.getMember(Unknown Source)
    at myclasses.liveConnect.setString(liveConnect.java:43)
    at java.lang.reflect.Method.invoke(Native Method)
    at sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)

Expected Results:  I would have expected no errors and a valid DOM document 
returned to the applet's method as a JSObject.
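
Added example, not part of the bug report or of the plug-in's code: a small Python model of the Java stack-walk permission check, run over the frames of the first Java Console trace above, to show which frame the `getProtectionDomain` check is denied at. It assumes `java.*` and `sun.*` frames hold every permission and the applet holds only what the hypothetical `sandbox_grants` parameter lists; `applet_below` is a constructed stack, not one from the report.

```python
import re
# Frames copied from the first Java Console trace in the report, innermost first.
TRACE = """\
java.security.AccessControlContext.checkPermission(Unknown Source)
java.security.AccessController.checkPermission(Unknown Source)
java.lang.SecurityManager.checkPermission(Unknown Source)
java.lang.Class.getProtectionDomain(Unknown Source)
sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(Unknown Source)
sun.plugin.liveconnect.SecureInvocation.ConstructObject(Unknown Source)
sun.plugin.javascript.navig5.JSObject.JSObjectGetMember(Native Method)
sun.plugin.javascript.navig5.JSObject.getMember(Unknown Source)
myclasses.liveConnect.setString(liveConnect.java:43)
java.lang.reflect.Method.invoke(Native Method)
sun.plugin.liveconnect.PrivilegedCallMethodAction.run(Unknown Source)
java.security.AccessController.doPrivileged(Native Method)
sun.plugin.liveconnect.SecureInvocation.CallMethod(Unknown Source)
"""
SYSTEM_PREFIXES = ("java.", "sun.")  # assumption: JRE and plug-in code hold every permission
DO_PRIVILEGED = "java.security.AccessController.doPrivileged"
PERMISSION = "RuntimePermission getProtectionDomain"  # from the exception message
APPLET = "myclasses.liveConnect.setString"

def parse_frames(trace):
    """Return method names from a Java stack trace, innermost frame first."""
    return re.findall(r"^\s*(?:at\s+)?([\w.$]+)\(", trace, re.M)

def holds(frame, permission, sandbox_grants):
    """Assumed policy: system frames hold everything, applet frames only sandbox_grants."""
    return frame.startswith(SYSTEM_PREFIXES) or permission in sandbox_grants

def denying_frame(frames, permission, sandbox_grants=frozenset()):
    """Model of the stack walk: frames are checked innermost first and the walk ends
    at the caller of doPrivileged. Returns the first frame lacking it, else None."""
    stop_after_next = False
    for frame in frames:
        if not holds(frame, permission, sandbox_grants):
            return frame
        if stop_after_next:
            return None
        stop_after_next = frame == DO_PRIVILEGED
    return None

frames = parse_frames(TRACE)
# Constructed variant: same frames, with the applet frame below the doPrivileged boundary.
applet_below = [f for f in frames if f != APPLET] + [APPLET]

if __name__ == "__main__":
    print("report trace denied at:", denying_frame(frames, PERMISSION))
    print("applet below boundary denied at:", denying_frame(applet_below, PERMISSION))
```

In the report's trace the `doPrivileged` frame sits below the applet's `setString` frame, so the walk reaches the applet's frame before it reaches the privileged boundary.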

Before I follow these instructions, you don't happen to have all this stuff that 
you can put together in a testcase, and attach to this bug, do you?

Gerv

Unzip the test case, bring up the Java console, edit the text and click the 
button. The console shows an error. I'm happy to confirm this bug happens - 
whether it's a real bug or not, I'm not qualified to say :-) rogerl?

Gerv

P.S. Reporter - to attach a file to a bug, visit it and use the "Create New 
Attachment" link.

Status: UNCONFIRMED → NEW
Ever confirmed: true

cc'ing Patrick, Jeff, and Mitch. Is this the right component for this bug?
Or should it be under the Security component? 


Also: gary.kind@oracle.com, has this testcase ever worked in Mozilla? 
      If so, can you say how recently it stopped working? Thanks -

It is not clear where the fault is. The problem is that the applet is making 
liveconnect calls without a script running, and so the security manager can't 
find the principal to validate the call. Calling 

    function getDocument() {
        return window.document;
    }

works fine since a script is running when caps need to find a principal on the 
js stack. 

Keep it in LC, but reassign to me for further analysis.

The workaround function "getDocument()" returns a document to Java.  However, 
nothing can be done with it, most likely for the same reason.  If I turn around 
and call, in Java, document.call("write", <txt arg>); I get another security 
violation.  How do I keep the "Principal" around?
The point is that getMembers doesn't seem to be working on ANY JSObject!  
That's what needs to be fixed.

Reassigning to Jeff, as he requested above - (thanks!)
Assignee: rogerl → jeff.dyer

*** This bug has been marked as a duplicate of 59447 ***
Status: NEW → RESOLVED
Closed: 24 years ago
Resolution: --- → DUPLICATE

Verifying as duplicate -
Status: RESOLVED → VERIFIED

Product: Core → Core Graveyard