vhardy 02/05/03 05:28:54
Modified: test-resources/org/apache/batik/test regard.xml
test-sources/org/apache/batik/test/svg
SelfContainedSVGOnLoadTest.java
Added: test-sources/org/apache/batik/bridge ScriptSelfTest.java
test-resources/org/apache/batik/bridge
ecmaCheckConstrain.svg ecmaCheckLoad.svg
ecmaCheckNoConstrain.svg ecmaCheckNoLoad.svg
ecmaCheckPermissionsDenied.svg
ecmaCheckPermissionsGranted.svg
ecmaScriptSecurity.svg ecmaScriptSecurity2.svg
unitTesting.xml
Log:
Added unit testing for ScriptSecurity (i.e., script loading control and contraining
script origin)
Revision Changes Path
1.25 +2 -1 xml-batik/test-resources/org/apache/batik/test/regard.xml
Index: regard.xml
===================================================================
RCS file: /home/cvs/xml-batik/test-resources/org/apache/batik/test/regard.xml,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- regard.xml 15 Apr 2002 10:16:18 -0000 1.24
+++ regard.xml 3 May 2002 12:28:53 -0000 1.25
@@ -11,7 +11,7 @@
<!-- regression testing. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
-<!-- @version $Id: regard.xml,v 1.24 2002/04/15 10:16:18 hillion Exp $ -->
+<!-- @version $Id: regard.xml,v 1.25 2002/05/03 12:28:53 vhardy Exp $ -->
<!-- ========================================================================= -->
<testRun id="regard" name="Batik Standard Regression Test Run">
<testReportProcessor class="org.apache.batik.test.xml.XMLTestReportProcessor" >
@@ -54,6 +54,7 @@
<testSuite
href="file:test-resources/org/apache/batik/ext/awt/image/codec/unitTesting.xml" />
<testSuite
href="file:test-resources/org/apache/batik/ext/awt/geom/unitTesting.xml" />
<testSuite href="file:test-resources/org/apache/batik/util/unitTesting.xml" />
+ <testSuite href="file:test-resources/org/apache/batik/bridge/unitTesting.xml"
/>
<testSuite href="file:test-resources/org/apache/batik/css/dom/unitTesting.xml"
/>
<testSuite href="file:test-resources/org/apache/batik/dom/unitTesting.xml" />
<testSuite href="file:test-resources/org/apache/batik/dom/svg/unitTesting.xml"
/>
1.1
xml-batik/test-sources/org/apache/batik/bridge/ScriptSelfTest.java
Index: ScriptSelfTest.java
===================================================================
/*****************************************************************************
* Copyright (C) The Apache Software Foundation. All rights reserved. *
* ------------------------------------------------------------------------- *
* This software is published under the terms of the Apache Software License *
* version 1.1, a copy of which has been included with this distribution in *
* the LICENSE file. *
*****************************************************************************/
package org.apache.batik.bridge;
import java.net.URL;
import org.apache.batik.test.*;
import org.apache.batik.util.ApplicationSecurityEnforcer;
import org.apache.batik.test.svg.SelfContainedSVGOnLoadTest;
/**
* Helper class to simplify writing the unitTesting.xml file for
* the bridge.
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
* @version $Id: ScriptSelfTest.java,v 1.1 2002/05/03 12:28:53 vhardy Exp $
*/
public class ScriptSelfTest extends SelfContainedSVGOnLoadTest {
boolean secure = true;
boolean constrain = true;
String scripts = "text/ecmascript, application/java-archive";
TestUserAgent userAgent = new TestUserAgent();
public void setId(String id){
super.setId(id);
svgURL = resolveURL("test-resources/org/apache/batik/bridge/" + id + ".svg");
}
public void setSecure(Boolean secure){
this.secure = secure.booleanValue();
}
public Boolean getSecure(){
return new Boolean(this.secure);
}
public void setConstrain(Boolean constrain){
this.constrain = constrain.booleanValue();
}
public Boolean getConstrain(){
return new Boolean(this.constrain);
}
public void setScripts(String scripts){
this.scripts = scripts;
}
public String getScripts(){
return scripts;
}
public TestReport runImpl() throws Exception{
ApplicationSecurityEnforcer ase
= new ApplicationSecurityEnforcer(this.getClass(),
"org/apache/batik/apps/svgbrowser/resources/svgbrowser.policy",
"dummy.jar");
if (secure) {
ase.enforceSecurity(true);
}
try {
return super.runImpl();
} finally {
ase.enforceSecurity(false);
}
}
protected UserAgent buildUserAgent(){
return userAgent;
}
class TestUserAgent extends UserAgentAdapter {
public ScriptSecurity getScriptSecurity(String scriptType,
URL scriptURL,
URL docURL){
if (scripts.indexOf(scriptType) == -1){
return new NoLoadScriptSecurity(scriptType);
} else {
if (constrain){
return new DefaultScriptSecurity(scriptType, scriptURL, docURL);
} else {
return new RelaxedScriptSecurity(scriptType, scriptURL, docURL);
}
}
}
}
}
1.2 +9 -2
xml-batik/test-sources/org/apache/batik/test/svg/SelfContainedSVGOnLoadTest.java
Index: SelfContainedSVGOnLoadTest.java
===================================================================
RCS file:
/home/cvs/xml-batik/test-sources/org/apache/batik/test/svg/SelfContainedSVGOnLoadTest.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SelfContainedSVGOnLoadTest.java 11 Apr 2002 08:07:24 -0000 1.1
+++ SelfContainedSVGOnLoadTest.java 3 May 2002 12:28:53 -0000 1.2
@@ -66,7 +66,7 @@
* </svg></code>
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
- * @version $Id: SelfContainedSVGOnLoadTest.java,v 1.1 2002/04/11 08:07:24 vhardy
Exp $
+ * @version $Id: SelfContainedSVGOnLoadTest.java,v 1.2 2002/05/03 12:28:53 vhardy
Exp $
*/
public class SelfContainedSVGOnLoadTest extends AbstractTest {
/**
@@ -233,7 +233,7 @@
// Now that the SVG file has been loaded, build
// a GVT Tree from it
//
- UserAgent userAgent = new UserAgentAdapter();
+ UserAgent userAgent = buildUserAgent();
GVTBuilder builder = new GVTBuilder();
BridgeContext ctx = new BridgeContext(userAgent);
ctx.setDynamic(true);
@@ -318,6 +318,13 @@
}
return report;
+ }
+
+ /**
+ * Give subclasses a chance to build their own UserAgent
+ */
+ protected UserAgent buildUserAgent(){
+ return new UserAgentAdapter();
}
}
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckConstrain.svg
Index: ecmaCheckConstrain.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckConstrain.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $
-->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" result="passed"/>
<script type="text/ecmascript"
xlink:href="http://cvs.apache.org/viewcvs.cgi/~checkout~/xml-batik/test-resources/org/apache/batik/bridge/iWasLoaded.js?content-type=text/plain";
/>
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckLoad.svg
Index: ecmaCheckLoad.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckLoad.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $ -->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" result="failed"
errorCode="ecmascript.not.loaded"/>
<script type="text/ecmascript" xlink:href="iWasLoadedToo.js" />
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckNoConstrain.svg
Index: ecmaCheckNoConstrain.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckNoConstrain.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $
-->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" result="failed"
errorCode="ecmascript.not.loaded"/>
<script type="text/ecmascript"
xlink:href="http://cvs.apache.org/viewcvs.cgi/~checkout~/xml-batik/test-resources/org/apache/batik/bridge/iWasLoadedToo.js?content-type=text/plain";
/>
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckNoLoad.svg
Index: ecmaCheckNoLoad.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckNoLoad.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $ -->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" result="passed"/>
<script type="text/ecmascript" xlink:href="iWasLoaded.js" />
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckPermissionsDenied.svg
Index: ecmaCheckPermissionsDenied.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckPermissionsDenied.svg,v 1.1 2002/05/03 12:28:53 vhardy
Exp $ -->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" />
<script type="text/ecmascript"><![CDATA[
importPackage(Packages.java.awt);
importPackage(Packages.java.io);
importPackage(Packages.java.lang.reflect);
importPackage(Packages.java.net);
importPackage(Packages.java.security);
importPackage(Packages.java.sql);
importPackage(Packages.java.util);
importPackage(Packages.javax.sound.sampled);
var svgNS = "http://www.w3.org/2000/svg";;
var testNS = "http://xml.apache.org/batik/test";;
var testedPath = "build.sh";
var testedHost = "nagoya.apache.org:8080";
var basePermissions = [
["AllPermission", new AllPermission()],
["FilePermission read", new FilePermission(testedPath, "read")],
["FilePermission write", new FilePermission(testedPath, "write")],
["FilePermission execute", new FilePermission(testedPath, "execute")],
["FilePermission delete", new FilePermission(testedPath, "delete")],
["SocketPermission accept", new SocketPermission(testedHost, "accept")],
["SocketPermission connect", new SocketPermission(testedHost, "connect")],
["SocketPermission listen", new SocketPermission(testedHost, "listen")],
["SocketPermission resolve", new SocketPermission(testedHost, "resolve")],
["AudioPermission play", new AudioPermission("play")],
["AudioPermission record", new AudioPermission("record")],
["AWTPermission accessClipboard", new AWTPermission("accessClipboard")],
["AWTPermission accessEventQueue", new AWTPermission("accessEventQueue")],
["AWTPermission listenToAllAWTEvents", new
AWTPermission("listenToAllAWTEvents")],
["AWTPermission showWindowWithoutWarningBanner", new
AWTPermission("showWindowWithoutWarningBanner")],
["AWTPermission readDisplayPixels", new AWTPermission("readDisplayPixels")],
["AWTPermission createRobot", new AWTPermission("createRobot")],
["AWTPermission fullScreenExclusive", new
AWTPermission("fullScreenExclusive")],
["NetPermission setDefaultAuthenticator", new
NetPermission("setDefaultAuthenticator")],
["NetPermission requestPasswordAuthentication", new
NetPermission("requestPasswordAuthentication")],
["NetPermission specifyStreamHandler", new
NetPermission("specifyStreamHandler")],
["PropertyPermission java.home read", new PropertyPermission("java.home",
"read")],
["PropertyPermission java.home write", new PropertyPermission("java.home",
"write")],
["ReflectPermission", new ReflectPermission("suppressAccessChecks")],
["RuntimePermission createClassLoader", new
RuntimePermission("createClassLoader")],
["RuntimePermission getClassLoader", new
RuntimePermission("getClassLoader")],
["RuntimePermission setContextClassLoader", new
RuntimePermission("setContextClassLoader")],
["RuntimePermission setSecurityManager", new
RuntimePermission("setSecurityManager")],
["RuntimePermission createSecurityManager", new
RuntimePermission("createSecurityManager")],
["RuntimePermission exitVM", new RuntimePermission("exitVM")],
["RuntimePermission shutdownHooks", new RuntimePermission("shutdownHooks")],
["RuntimePermission setFactory", new RuntimePermission("setFactory")],
["RuntimePermission setIO", new RuntimePermission("setIO")],
["RuntimePermission modifyThread", new RuntimePermission("modifyThread")],
["RuntimePermission stopThread", new RuntimePermission("stopThread")],
["RuntimePermission modifyThreadGroup", new
RuntimePermission("modifyThreadGroup")],
["RuntimePermission getProtectionDomain", new
RuntimePermission("getProtectionDomain")],
["RuntimePermission readFileDescriptor", new
RuntimePermission("readFileDescriptor")],
["RuntimePermission writeFileDescriptor", new
RuntimePermission("writeFileDescriptor")],
["RuntimePermission loadLibrary.{library name}", new
RuntimePermission("loadLibrary.{library name}")],
["RuntimePermission accessClassInPackage.java.security", new
RuntimePermission("accessClassInPackage.java.security")],
["RuntimePermission defineClassInPackage.java.lang", new
RuntimePermission("defineClassInPackage.java.lang")],
["RuntimePermission accessDeclaredMembers", new
RuntimePermission("accessDeclaredMembers")],
["RuntimePermission queuePrintJob", new RuntimePermission("queuePrintJob")],
["SecurityPermission createAccessControlContext", new
SerializablePermission("createAccessControlContext")],
["SecurityPermission getDomainCombiner", new
SerializablePermission("getDomainCombiner")],
["SecurityPermission getPolicy", new SerializablePermission("getPolicy")],
["SecurityPermission setPolicy", new SerializablePermission("setPolicy")],
["SecurityPermission setSystemScope", new
SerializablePermission("setSystemScope")],
["SecurityPermission setIdentityPublicKey", new
SerializablePermission("setIdentityPublicKey")],
["SecurityPermission setIdentityInfo", new
SerializablePermission("setIdentityInfo")],
["SecurityPermission addIdentityCertificate", new
SerializablePermission("addIdentityCertificate")],
["SecurityPermission removeIdentityCertificate", new
SerializablePermission("removeIdentityCertificate")],
["SecurityPermission printIdentity", new
SerializablePermission("printIdentity")],
["SecurityPermission getSignerPrivateKey", new
SerializablePermission("getSignerPrivateKey")],
["SecurityPermission setSignerKeyPair", new
SerializablePermission("setSignerKeyPair")],
["SerializablePermission enableSubclassImplementation", new
SerializablePermission("enableSubclassImplementation")],
["SerializablePermission enableSubstitution", new
SerializablePermission("enableSubstitution")],
["SQLPermission", new SQLPermission("setLog")],
];
var permissions = null;
var statusRects = null;
var nGranted = 0;
function init(){
var docURL = document.getURLObject();
if (docURL != null
&& (docURL.getHost() != null)
&& !( "" == docURL.getHost())
) {
permissions = new Array();
var docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0] = ["SocketPermission accept " + docHost,
new SocketPermission(docHost, "accept")];
permissions[1] = ["SocketPermission connect " + docHost,
new SocketPermission(docHost, "connect")];
permissions[2] = ["SocketPermission resolve " + docHost,
new SocketPermission(docHost, "resolve")];
// permissions.concat(basePermissions);
for (var i=0; i<basePermissions.length; i++){
permissions[3+i] = basePermissions[i];
}
nGranted = 3;
} else {
permissions = basePermissions;
}
}
init();
function runTest(){
var sm = System.getSecurityManager();
var successCnt = 0;
var unexpectedGrants = new Array();
var unexpectedDenial = new Array();
var unexpectedDenialCnt = 0;
var unexpectedGrantsCnt = 0;
if (sm == null){
for (var i=0; i<nGranted; i++) {
successCnt++;
}
for (var i=nGranted; i<permissions.length; i++) {
unexpectedGrants[unexpectedGrantsCnt] = permissions[i][0];
unexpectedGrantsCnt++;
}
}
else {
for (var i=0; i<nGranted; i++) {
var p = permissions[i][1];
var success = true;
try {
sm.checkPermission(p);
successCnt++;
} catch (se){
unexpectedDenial[unexpectedDenialCnt] = permissions[i][0];
unexpectedDenialCnt++;
}
}
for (var i=nGranted; i<permissions.length; i++) {
var p = permissions[i][1];
var success = true;
try {
sm.checkPermission(p);
unexpectedGrants[unexpectedGrantsCnt] = permissions[i][0];
unexpectedGrantsCnt++;
} catch (se){
successCnt++;
}
}
}
// Update the test's metadata
var result = document.getElementById("testResult");
if ( successCnt == permissions.length ) {
result.setAttributeNS(null, "result", "passed");
} else {
System.out.println("test failed: " + unexpectedGrantsCnt + " / " +
unexpectedDenialCnt);
result.setAttributeNS(null, "result", "failed");
result.setAttributeNS(null, "errorCode", "unexpected.grants.or.denials");
var unexpectedGrantsString = "";
var unexpectedDenialString = "";
for (var i=0; i<unexpectedGrantsCnt; i++) {
unexpectedGrantsString += unexpectedGrants[i];
}
for (var i=0; i<unexpectedDenialCnt; i++) {
unexpectedDenialString += unexpectedDenial[i];
}
System.out.println("unexpected.grants : " + unexpectedGrantsString);
var entry = null;
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.grants.count");
entry.setAttributeNS(null, "value", "" + unexpectedGrantsCnt);
result.appendChild(entry);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.grants");
entry.setAttributeNS(null, "value", unexpectedGrantsString);
result.appendChild(entry);
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.denials.count");
entry.setAttributeNS(null, "value", "" + unexpectedDenialCnt);
result.appendChild(entry);
System.out.println("unexpected.denials : " + unexpectedDenialString);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.denials");
entry.setAttributeNS(null, "value", unexpectedDenialString);
result.appendChild(entry);
}
}
]]></script>
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaCheckPermissionsGranted.svg
Index: ecmaCheckPermissionsGranted.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaCheckPermissionsGranted.svg,v 1.1 2002/05/03 12:28:53 vhardy
Exp $ -->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" />
<script type="text/ecmascript"><![CDATA[
importPackage(Packages.java.awt);
importPackage(Packages.java.io);
importPackage(Packages.java.lang.reflect);
importPackage(Packages.java.net);
importPackage(Packages.java.security);
importPackage(Packages.java.sql);
importPackage(Packages.java.util);
importPackage(Packages.javax.sound.sampled);
var svgNS = "http://www.w3.org/2000/svg";;
var testNS = "http://xml.apache.org/batik/test";;
var testedPath = "build.sh";
var testedHost = "nagoya.apache.org:8080";
var basePermissions = [
["AllPermission", new AllPermission()],
["FilePermission read", new FilePermission(testedPath, "read")],
["FilePermission write", new FilePermission(testedPath, "write")],
["FilePermission execute", new FilePermission(testedPath, "execute")],
["FilePermission delete", new FilePermission(testedPath, "delete")],
["SocketPermission accept", new SocketPermission(testedHost, "accept")],
["SocketPermission connect", new SocketPermission(testedHost, "connect")],
["SocketPermission listen", new SocketPermission(testedHost, "listen")],
["SocketPermission resolve", new SocketPermission(testedHost, "resolve")],
["AudioPermission play", new AudioPermission("play")],
["AudioPermission record", new AudioPermission("record")],
["AWTPermission accessClipboard", new AWTPermission("accessClipboard")],
["AWTPermission accessEventQueue", new AWTPermission("accessEventQueue")],
["AWTPermission listenToAllAWTEvents", new
AWTPermission("listenToAllAWTEvents")],
["AWTPermission showWindowWithoutWarningBanner", new
AWTPermission("showWindowWithoutWarningBanner")],
["AWTPermission readDisplayPixels", new AWTPermission("readDisplayPixels")],
["AWTPermission createRobot", new AWTPermission("createRobot")],
["AWTPermission fullScreenExclusive", new
AWTPermission("fullScreenExclusive")],
["NetPermission setDefaultAuthenticator", new
NetPermission("setDefaultAuthenticator")],
["NetPermission requestPasswordAuthentication", new
NetPermission("requestPasswordAuthentication")],
["NetPermission specifyStreamHandler", new
NetPermission("specifyStreamHandler")],
["PropertyPermission java.home read", new PropertyPermission("java.home",
"read")],
["PropertyPermission java.home write", new PropertyPermission("java.home",
"write")],
["ReflectPermission", new ReflectPermission("suppressAccessChecks")],
["RuntimePermission createClassLoader", new
RuntimePermission("createClassLoader")],
["RuntimePermission getClassLoader", new
RuntimePermission("getClassLoader")],
["RuntimePermission setContextClassLoader", new
RuntimePermission("setContextClassLoader")],
["RuntimePermission setSecurityManager", new
RuntimePermission("setSecurityManager")],
["RuntimePermission createSecurityManager", new
RuntimePermission("createSecurityManager")],
["RuntimePermission exitVM", new RuntimePermission("exitVM")],
["RuntimePermission shutdownHooks", new RuntimePermission("shutdownHooks")],
["RuntimePermission setFactory", new RuntimePermission("setFactory")],
["RuntimePermission setIO", new RuntimePermission("setIO")],
["RuntimePermission modifyThread", new RuntimePermission("modifyThread")],
["RuntimePermission stopThread", new RuntimePermission("stopThread")],
["RuntimePermission modifyThreadGroup", new
RuntimePermission("modifyThreadGroup")],
["RuntimePermission getProtectionDomain", new
RuntimePermission("getProtectionDomain")],
["RuntimePermission readFileDescriptor", new
RuntimePermission("readFileDescriptor")],
["RuntimePermission writeFileDescriptor", new
RuntimePermission("writeFileDescriptor")],
["RuntimePermission loadLibrary.{library name}", new
RuntimePermission("loadLibrary.{library name}")],
["RuntimePermission accessClassInPackage.java.security", new
RuntimePermission("accessClassInPackage.java.security")],
["RuntimePermission defineClassInPackage.java.lang", new
RuntimePermission("defineClassInPackage.java.lang")],
["RuntimePermission accessDeclaredMembers", new
RuntimePermission("accessDeclaredMembers")],
["RuntimePermission queuePrintJob", new RuntimePermission("queuePrintJob")],
["SecurityPermission createAccessControlContext", new
SerializablePermission("createAccessControlContext")],
["SecurityPermission getDomainCombiner", new
SerializablePermission("getDomainCombiner")],
["SecurityPermission getPolicy", new SerializablePermission("getPolicy")],
["SecurityPermission setPolicy", new SerializablePermission("setPolicy")],
["SecurityPermission setSystemScope", new
SerializablePermission("setSystemScope")],
["SecurityPermission setIdentityPublicKey", new
SerializablePermission("setIdentityPublicKey")],
["SecurityPermission setIdentityInfo", new
SerializablePermission("setIdentityInfo")],
["SecurityPermission addIdentityCertificate", new
SerializablePermission("addIdentityCertificate")],
["SecurityPermission removeIdentityCertificate", new
SerializablePermission("removeIdentityCertificate")],
["SecurityPermission printIdentity", new
SerializablePermission("printIdentity")],
["SecurityPermission getSignerPrivateKey", new
SerializablePermission("getSignerPrivateKey")],
["SecurityPermission setSignerKeyPair", new
SerializablePermission("setSignerKeyPair")],
["SerializablePermission enableSubclassImplementation", new
SerializablePermission("enableSubclassImplementation")],
["SerializablePermission enableSubstitution", new
SerializablePermission("enableSubstitution")],
["SQLPermission", new SQLPermission("setLog")],
];
var permissions = null;
var statusRects = null;
var nGranted = 0;
function init(){
var docURL = document.getURLObject();
if (docURL != null
&& (docURL.getHost() != null)
&& !( "" == docURL.getHost())
) {
permissions = new Array();
var docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0] = ["SocketPermission accept " + docHost,
new SocketPermission(docHost, "accept")];
permissions[1] = ["SocketPermission connect " + docHost,
new SocketPermission(docHost, "connect")];
permissions[2] = ["SocketPermission resolve " + docHost,
new SocketPermission(docHost, "resolve")];
// permissions.concat(basePermissions);
for (var i=0; i<basePermissions.length; i++){
permissions[3+i] = basePermissions[i];
}
nGranted = 3;
} else {
permissions = basePermissions;
}
}
init();
function runTest(){
var sm = System.getSecurityManager();
var successCnt = 0;
var unexpectedDenial = new Array();
var unexpectedDenialCnt = 0;
if (sm == null){
for (var i=0; i<permissions.length; i++) {
successCnt++;
}
}
else {
for (var i=0; i<permissions.length; i++) {
var p = permissions[i][1];
try {
sm.checkPermission(p);
successCnt++;
} catch (se){
unexpectedDenial[unexpectedDenialCnt] = permissions[i][0];
unexpectedDenialCnt++;
}
}
}
// Update the test's metadata
var result = document.getElementById("testResult");
if ( successCnt == permissions.length ) {
result.setAttributeNS(null, "result", "passed");
} else {
System.out.println("test failed: " + unexpectedDenialCnt);
result.setAttributeNS(null, "result", "failed");
result.setAttributeNS(null, "errorCode", "unexpected.denials");
var unexpectedDenialString = "";
for (var i=0; i<unexpectedDenialCnt; i++) {
unexpectedDenialString += unexpectedDenial[i];
}
var entry = null;
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.denials.count");
entry.setAttributeNS(null, "value", "" + unexpectedDenialCnt);
result.appendChild(entry);
System.out.println("unexpected.denials : " + unexpectedDenialString);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.denials");
entry.setAttributeNS(null, "value", unexpectedDenialString);
result.appendChild(entry);
}
}
]]></script>
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaScriptSecurity.svg
Index: ecmaScriptSecurity.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is not allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaScriptSecurity.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $
-->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" />
<script type="text/ecmascript"><![CDATA[
importPackage(Packages.java.awt);
importPackage(Packages.java.io);
importPackage(Packages.java.lang.reflect);
importPackage(Packages.java.net);
importPackage(Packages.java.security);
importPackage(Packages.java.sql);
importPackage(Packages.java.util);
importPackage(Packages.javax.sound.sampled);
var svgNS = "http://www.w3.org/2000/svg";;
var testNS = "http://xml.apache.org/batik/test";;
var testedPath = "build.sh";
var testedHost = "nagoya.apache.org:8080";
var basePermissions = [
["AllPermission", new AllPermission()],
["FilePermission read", new FilePermission(testedPath, "read")],
["FilePermission write", new FilePermission(testedPath, "write")],
["FilePermission execute", new FilePermission(testedPath, "execute")],
["FilePermission delete", new FilePermission(testedPath, "delete")],
["SocketPermission accept", new SocketPermission(testedHost, "accept")],
["SocketPermission connect", new SocketPermission(testedHost, "connect")],
["SocketPermission listen", new SocketPermission(testedHost, "listen")],
["SocketPermission resolve", new SocketPermission(testedHost, "resolve")],
["AudioPermission play", new AudioPermission("play")],
["AudioPermission record", new AudioPermission("record")],
["AWTPermission accessClipboard", new AWTPermission("accessClipboard")],
["AWTPermission accessEventQueue", new AWTPermission("accessEventQueue")],
["AWTPermission listenToAllAWTEvents", new
AWTPermission("listenToAllAWTEvents")],
["AWTPermission showWindowWithoutWarningBanner", new
AWTPermission("showWindowWithoutWarningBanner")],
["AWTPermission readDisplayPixels", new AWTPermission("readDisplayPixels")],
["AWTPermission createRobot", new AWTPermission("createRobot")],
["AWTPermission fullScreenExclusive", new
AWTPermission("fullScreenExclusive")],
["NetPermission setDefaultAuthenticator", new
NetPermission("setDefaultAuthenticator")],
["NetPermission requestPasswordAuthentication", new
NetPermission("requestPasswordAuthentication")],
["NetPermission specifyStreamHandler", new
NetPermission("specifyStreamHandler")],
["PropertyPermission java.home read", new PropertyPermission("java.home",
"read")],
["PropertyPermission java.home write", new PropertyPermission("java.home",
"write")],
["ReflectPermission", new ReflectPermission("suppressAccessChecks")],
["RuntimePermission createClassLoader", new
RuntimePermission("createClassLoader")],
["RuntimePermission getClassLoader", new
RuntimePermission("getClassLoader")],
["RuntimePermission setContextClassLoader", new
RuntimePermission("setContextClassLoader")],
["RuntimePermission setSecurityManager", new
RuntimePermission("setSecurityManager")],
["RuntimePermission createSecurityManager", new
RuntimePermission("createSecurityManager")],
["RuntimePermission exitVM", new RuntimePermission("exitVM")],
["RuntimePermission shutdownHooks", new RuntimePermission("shutdownHooks")],
["RuntimePermission setFactory", new RuntimePermission("setFactory")],
["RuntimePermission setIO", new RuntimePermission("setIO")],
["RuntimePermission modifyThread", new RuntimePermission("modifyThread")],
["RuntimePermission stopThread", new RuntimePermission("stopThread")],
["RuntimePermission modifyThreadGroup", new
RuntimePermission("modifyThreadGroup")],
["RuntimePermission getProtectionDomain", new
RuntimePermission("getProtectionDomain")],
["RuntimePermission readFileDescriptor", new
RuntimePermission("readFileDescriptor")],
["RuntimePermission writeFileDescriptor", new
RuntimePermission("writeFileDescriptor")],
["RuntimePermission loadLibrary.{library name}", new
RuntimePermission("loadLibrary.{library name}")],
["RuntimePermission accessClassInPackage.java.security", new
RuntimePermission("accessClassInPackage.java.security")],
["RuntimePermission defineClassInPackage.java.lang", new
RuntimePermission("defineClassInPackage.java.lang")],
["RuntimePermission accessDeclaredMembers", new
RuntimePermission("accessDeclaredMembers")],
["RuntimePermission queuePrintJob", new RuntimePermission("queuePrintJob")],
["SecurityPermission createAccessControlContext", new
SerializablePermission("createAccessControlContext")],
["SecurityPermission getDomainCombiner", new
SerializablePermission("getDomainCombiner")],
["SecurityPermission getPolicy", new SerializablePermission("getPolicy")],
["SecurityPermission setPolicy", new SerializablePermission("setPolicy")],
["SecurityPermission setSystemScope", new
SerializablePermission("setSystemScope")],
["SecurityPermission setIdentityPublicKey", new
SerializablePermission("setIdentityPublicKey")],
["SecurityPermission setIdentityInfo", new
SerializablePermission("setIdentityInfo")],
["SecurityPermission addIdentityCertificate", new
SerializablePermission("addIdentityCertificate")],
["SecurityPermission removeIdentityCertificate", new
SerializablePermission("removeIdentityCertificate")],
["SecurityPermission printIdentity", new
SerializablePermission("printIdentity")],
["SecurityPermission getSignerPrivateKey", new
SerializablePermission("getSignerPrivateKey")],
["SecurityPermission setSignerKeyPair", new
SerializablePermission("setSignerKeyPair")],
["SerializablePermission enableSubclassImplementation", new
SerializablePermission("enableSubclassImplementation")],
["SerializablePermission enableSubstitution", new
SerializablePermission("enableSubstitution")],
["SQLPermission", new SQLPermission("setLog")],
];
var permissions = null;
var statusRects = null;
var nGranted = 0;
function init(){
var docURL = document.getURLObject();
if (docURL != null
&& (docURL.getHost() != null)
&& !( "" == docURL.getHost())
) {
permissions = new Array();
var docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0] = ["SocketPermission accept " + docHost,
new SocketPermission(docHost, "accept")];
permissions[1] = ["SocketPermission connect " + docHost,
new SocketPermission(docHost, "connect")];
permissions[2] = ["SocketPermission resolve " + docHost,
new SocketPermission(docHost, "resolve")];
// permissions.concat(basePermissions);
for (var i=0; i<basePermissions.length; i++){
permissions[3+i] = basePermissions[i];
}
nGranted = 3;
} else {
permissions = basePermissions;
}
}
init();
function runTest(){
var sm = System.getSecurityManager();
var successCnt = 0;
var unexpectedGrants = new Array();
var unexpectedDenial = new Array();
var unexpectedDenialCnt = 0;
var unexpectedGrantsCnt = 0;
if (sm == null){
for (var i=0; i<nGranted; i++) {
successCnt++;
}
for (var i=nGranted; i<permissions.length; i++) {
unexpectedGrants[unexpectedGrantsCnt] = permissions[i][0];
unexpectedGrantsCnt++;
}
}
else {
for (var i=0; i<nGranted; i++) {
var p = permissions[i][1];
var success = true;
try {
sm.checkPermission(p);
successCnt++;
} catch (se){
unexpectedDenial[unexpectedDenialCnt] = permissions[i][0];
unexpectedDenialCnt++;
}
}
for (var i=nGranted; i<permissions.length; i++) {
var p = permissions[i][1];
var success = true;
try {
sm.checkPermission(p);
unexpectedGrants[unexpectedGrantsCnt] = permissions[i][0];
unexpectedGrantsCnt++;
} catch (se){
successCnt++;
}
}
}
// Update the test's metadata
var result = document.getElementById("testResult");
if ( successCnt == permissions.length ) {
result.setAttributeNS(null, "result", "passed");
} else {
System.out.println("test failed: " + unexpectedGrantsCnt + " / " +
unexpectedDenialCnt);
result.setAttributeNS(null, "result", "failed");
result.setAttributeNS(null, "errorCode", "unexpected.grants.or.denials");
var unexpectedGrantsString = "";
var unexpectedDenialString = "";
for (var i=0; i<unexpectedGrantsCnt; i++) {
unexpectedGrantsString += unexpectedGrants[i];
}
for (var i=0; i<unexpectedDenialCnt; i++) {
unexpectedDenialString += unexpectedDenial[i];
}
System.out.println("unexpected.grants : " + unexpectedGrantsString);
var entry = null;
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.grants.count");
entry.setAttributeNS(null, "value", "" + unexpectedGrantsCnt);
result.appendChild(entry);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.grants");
entry.setAttributeNS(null, "value", unexpectedGrantsString);
result.appendChild(entry);
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.denials.count");
entry.setAttributeNS(null, "value", "" + unexpectedDenialCnt);
result.appendChild(entry);
System.out.println("unexpected.denials : " + unexpectedDenialString);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.denials");
entry.setAttributeNS(null, "value", unexpectedDenialString);
result.appendChild(entry);
}
}
]]></script>
</svg>
1.1
xml-batik/test-resources/org/apache/batik/bridge/ecmaScriptSecurity2.svg
Index: ecmaScriptSecurity2.svg
===================================================================
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.0//EN"
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd";>
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- Checks that access to critical functions is allowed. -->
<!-- -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: ecmaScriptSecurity2.svg,v 1.1 2002/05/03 12:28:53 vhardy Exp $
-->
<!-- ========================================================================= -->
<svg xmlns="http://www.w3.org/2000/svg";
xmlns:xlink="http://www.w3.org/1999/xlink";
xmlns:test="http://xml.apache.org/batik/test";
width="450" height="500" viewBox="0 0 450 500"
onload="runTest()">
<test:testResult id="testResult" />
<script type="text/ecmascript"><![CDATA[
importPackage(Packages.java.awt);
importPackage(Packages.java.io);
importPackage(Packages.java.lang.reflect);
importPackage(Packages.java.net);
importPackage(Packages.java.security);
importPackage(Packages.java.sql);
importPackage(Packages.java.util);
importPackage(Packages.javax.sound.sampled);
var svgNS = "http://www.w3.org/2000/svg";;
var testNS = "http://xml.apache.org/batik/test";;
var testedPath = "build.sh";
var testedHost = "nagoya.apache.org:8080";
var basePermissions = [
["AllPermission", new AllPermission()],
["FilePermission read", new FilePermission(testedPath, "read")],
["FilePermission write", new FilePermission(testedPath, "write")],
["FilePermission execute", new FilePermission(testedPath, "execute")],
["FilePermission delete", new FilePermission(testedPath, "delete")],
["SocketPermission accept", new SocketPermission(testedHost, "accept")],
["SocketPermission connect", new SocketPermission(testedHost, "connect")],
["SocketPermission listen", new SocketPermission(testedHost, "listen")],
["SocketPermission resolve", new SocketPermission(testedHost, "resolve")],
["AudioPermission play", new AudioPermission("play")],
["AudioPermission record", new AudioPermission("record")],
["AWTPermission accessClipboard", new AWTPermission("accessClipboard")],
["AWTPermission accessEventQueue", new AWTPermission("accessEventQueue")],
["AWTPermission listenToAllAWTEvents", new
AWTPermission("listenToAllAWTEvents")],
["AWTPermission showWindowWithoutWarningBanner", new
AWTPermission("showWindowWithoutWarningBanner")],
["AWTPermission readDisplayPixels", new AWTPermission("readDisplayPixels")],
["AWTPermission createRobot", new AWTPermission("createRobot")],
["AWTPermission fullScreenExclusive", new
AWTPermission("fullScreenExclusive")],
["NetPermission setDefaultAuthenticator", new
NetPermission("setDefaultAuthenticator")],
["NetPermission requestPasswordAuthentication", new
NetPermission("requestPasswordAuthentication")],
["NetPermission specifyStreamHandler", new
NetPermission("specifyStreamHandler")],
["PropertyPermission java.home read", new PropertyPermission("java.home",
"read")],
["PropertyPermission java.home write", new PropertyPermission("java.home",
"write")],
["ReflectPermission", new ReflectPermission("suppressAccessChecks")],
["RuntimePermission createClassLoader", new
RuntimePermission("createClassLoader")],
["RuntimePermission getClassLoader", new
RuntimePermission("getClassLoader")],
["RuntimePermission setContextClassLoader", new
RuntimePermission("setContextClassLoader")],
["RuntimePermission setSecurityManager", new
RuntimePermission("setSecurityManager")],
["RuntimePermission createSecurityManager", new
RuntimePermission("createSecurityManager")],
["RuntimePermission exitVM", new RuntimePermission("exitVM")],
["RuntimePermission shutdownHooks", new RuntimePermission("shutdownHooks")],
["RuntimePermission setFactory", new RuntimePermission("setFactory")],
["RuntimePermission setIO", new RuntimePermission("setIO")],
["RuntimePermission modifyThread", new RuntimePermission("modifyThread")],
["RuntimePermission stopThread", new RuntimePermission("stopThread")],
["RuntimePermission modifyThreadGroup", new
RuntimePermission("modifyThreadGroup")],
["RuntimePermission getProtectionDomain", new
RuntimePermission("getProtectionDomain")],
["RuntimePermission readFileDescriptor", new
RuntimePermission("readFileDescriptor")],
["RuntimePermission writeFileDescriptor", new
RuntimePermission("writeFileDescriptor")],
["RuntimePermission loadLibrary.{library name}", new
RuntimePermission("loadLibrary.{library name}")],
["RuntimePermission accessClassInPackage.java.security", new
RuntimePermission("accessClassInPackage.java.security")],
["RuntimePermission defineClassInPackage.java.lang", new
RuntimePermission("defineClassInPackage.java.lang")],
["RuntimePermission accessDeclaredMembers", new
RuntimePermission("accessDeclaredMembers")],
["RuntimePermission queuePrintJob", new RuntimePermission("queuePrintJob")],
["SecurityPermission createAccessControlContext", new
SerializablePermission("createAccessControlContext")],
["SecurityPermission getDomainCombiner", new
SerializablePermission("getDomainCombiner")],
["SecurityPermission getPolicy", new SerializablePermission("getPolicy")],
["SecurityPermission setPolicy", new SerializablePermission("setPolicy")],
["SecurityPermission setSystemScope", new
SerializablePermission("setSystemScope")],
["SecurityPermission setIdentityPublicKey", new
SerializablePermission("setIdentityPublicKey")],
["SecurityPermission setIdentityInfo", new
SerializablePermission("setIdentityInfo")],
["SecurityPermission addIdentityCertificate", new
SerializablePermission("addIdentityCertificate")],
["SecurityPermission removeIdentityCertificate", new
SerializablePermission("removeIdentityCertificate")],
["SecurityPermission printIdentity", new
SerializablePermission("printIdentity")],
["SecurityPermission getSignerPrivateKey", new
SerializablePermission("getSignerPrivateKey")],
["SecurityPermission setSignerKeyPair", new
SerializablePermission("setSignerKeyPair")],
["SerializablePermission enableSubclassImplementation", new
SerializablePermission("enableSubclassImplementation")],
["SerializablePermission enableSubstitution", new
SerializablePermission("enableSubstitution")],
["SQLPermission", new SQLPermission("setLog")],
];
var permissions = null;
var statusRects = null;
var nGranted = 0;
function init(){
var docURL = document.getURLObject();
if (docURL != null
&& (docURL.getHost() != null)
&& !( "" == docURL.getHost())
) {
permissions = new Array();
var docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0] = ["SocketPermission accept " + docHost,
new SocketPermission(docHost, "accept")];
permissions[1] = ["SocketPermission connect " + docHost,
new SocketPermission(docHost, "connect")];
permissions[2] = ["SocketPermission resolve " + docHost,
new SocketPermission(docHost, "resolve")];
// permissions.concat(basePermissions);
for (var i=0; i<basePermissions.length; i++){
permissions[3+i] = basePermissions[i];
}
nGranted = 3;
} else {
permissions = basePermissions;
}
}
init();
function runTest(){
var sm = System.getSecurityManager();
var successCnt = 0;
var unexpectedDenial = new Array();
var unexpectedDenialCnt = 0;
if (sm == null){
for (var i=0; i<permissions.length; i++) {
successCnt++;
}
}
else {
for (var i=0; i<permissions.length; i++) {
var p = permissions[i][1];
try {
sm.checkPermission(p);
successCnt++;
} catch (se){
unexpectedDenial[unexpectedDenialCnt] = permissions[i][0];
unexpectedDenialCnt++;
}
}
}
// Update the test's metadata
var result = document.getElementById("testResult");
if ( successCnt == permissions.length ) {
result.setAttributeNS(null, "result", "passed");
} else {
System.out.println("test failed: " + unexpectedDenialCnt);
result.setAttributeNS(null, "result", "failed");
result.setAttributeNS(null, "errorCode", "unexpected.denials");
var unexpectedDenialString = "";
for (var i=0; i<unexpectedDenialCnt; i++) {
unexpectedDenialString += unexpectedDenial[i];
}
var entry = null;
entry = document.createElementNS(testNS, "errorDescriptiongEntry");
entry.setAttributeNS(null, "id", "unexpected.denials.count");
entry.setAttributeNS(null, "value", "" + unexpectedDenialCnt);
result.appendChild(entry);
System.out.println("unexpected.denials : " + unexpectedDenialString);
entry = document.createElementNS(testNS, "errorDescriptionEntry");
entry.setAttributeNS(null, "id", "unexpected.denials");
entry.setAttributeNS(null, "value", unexpectedDenialString);
result.appendChild(entry);
}
}
]]></script>
</svg>
1.1 xml-batik/test-resources/org/apache/batik/bridge/unitTesting.xml
Index: unitTesting.xml
===================================================================
<!-- ========================================================================= -->
<!-- Copyright (C) The Apache Software Foundation. All rights reserved. -->
<!-- -->
<!-- This software is published under the terms of the Apache Software License -->
<!-- version 1.1, a copy of which has been included with this distribution in -->
<!-- the LICENSE file. -->
<!-- ========================================================================= -->
<!-- ========================================================================= -->
<!-- @author [EMAIL PROTECTED] -->
<!-- @version $Id: unitTesting.xml,v 1.1 2002/05/03 12:28:53 vhardy Exp $ -->
<!-- ========================================================================= -->
<testSuite id="bridge.unitTesting"
name="org.apache.batik.bridge package - Unit Testing">
<!-- ================================================================ -->
<!-- Script Permissions check -->
<!-- ================================================================ -->
<testGroup id="security" name="Script Security"
class="org.apache.batik.bridge.ScriptSelfTest">
<test id="ecmaCheckPermissionsDenied">
<property name="Secure" class="java.lang.Boolean" value="true" />
</test>
<test id="ecmaCheckPermissionsGranted">
<property name="Secure" class="java.lang.Boolean" value="false" />
</test>
<test id="ecmaCheckNoLoad">
<property name="Scripts" class="java.lang.String"
value="application/java-archive" />
</test>
<test id="ecmaCheckLoad">
<property name="Scripts" class="java.lang.String"
value="text/ecmascript" />
</test>
<test id="ecmaCheckConstrain">
<property name="Constrain" class="java.lang.Boolean"
value="true" />
</test>
<test id="ecmaCheckNoConstrain">
<property name="Constrain" class="java.lang.Boolean"
value="false" />
</test>
</testGroup>
</testSuite>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
