On 08/10/13 12:08, Alan Bateman wrote:
On 04/10/2013 21:58, Brian Burkhalter wrote:
:
An updated webrev which I hope adequately addresses the expressed
concerns may be found at:
http://cr.openjdk.java.net/~bpb/7179567.2/
This looks much better.
If I read the code correctly then the long standing behavior of
URLClassLoader.getPermissions(null) was to throw a NPE, now it is
changed to return the empty collection in order to match the super
type (SecureClassLoader). I can't think of anything that would break
so this is probably okay, just maybe a bit surprising.
I'm still not sure about that change. Its effect in sub-classes will be
to continue on in the sub-class implementation
of getPermissions() with a null codesource parameter, where currently
NPE would be thrown.
Michael
