Example 1 with SVGOMDocument
use of org.apache.batik.dom.svg.SVGOMDocument in project newsrob by marianokamp.
the class UntrustedScriptHandler method run.
/**
* Runs this handler. This method is called by the SVG viewer
* when the scripts are loaded.
* @param doc The current document.
* @param win An object which represents the current viewer.
*/
public void run(final Document doc, final Window win) {
int nGrantedTmp = 0;
//
// If the document is loaded over the network, check that the
// class has permission to access the server
//
URL docURL = ((SVGOMDocument) doc).getURLObject();
if (docURL != null && docURL.getHost() != null && !"".equals(docURL.getHost())) {
permissions = new Object[basePermissions.length + 3][2];
System.arraycopy(basePermissions, 0, permissions, 3, basePermissions.length);
String docHost = docURL.getHost();
if (docURL.getPort() != -1) {
docHost += ":" + docURL.getPort();
}
permissions[0][0] = "SocketPermission accept " + docHost;
permissions[0][1] = new SocketPermission(docHost, "accept");
permissions[1][0] = "SocketPermission connect " + docHost;
permissions[1][1] = new SocketPermission(docHost, "connect");
permissions[2][0] = "SocketPermission resolve " + docHost;
permissions[2][1] = new SocketPermission(docHost, "resolve");
nGrantedTmp = 3;
} else {
permissions = basePermissions;
}
// Captures the number of permissions which should be
// granted to this code.
final int nGranted = nGrantedTmp;
//
// Build a table in the scrollable area of the document
//
Element securityResults = doc.getElementById("securityResults");
statusRects = new Element[permissions.length];
for (int i = 0; i < permissions.length; i++) {
Element textElt = doc.createElementNS(svgNS, "text");
textElt.setAttributeNS(null, "x", "55");
textElt.setAttributeNS(null, "y", "" + (85 + i * 20));
textElt.appendChild(doc.createTextNode(permissions[i][0].toString()));
securityResults.appendChild(textElt);
Element rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "50");
rectElt.setAttributeNS(null, "y", "" + (70 + i * 20));
rectElt.setAttributeNS(null, "width", "330");
rectElt.setAttributeNS(null, "height", "20");
rectElt.setAttributeNS(null, "class", "tableCell");
securityResults.appendChild(rectElt);
rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "380");
rectElt.setAttributeNS(null, "y", "" + (70 + i * 20));
rectElt.setAttributeNS(null, "width", "20");
rectElt.setAttributeNS(null, "height", "20");
rectElt.setAttributeNS(null, "class", "tableCell");
securityResults.appendChild(rectElt);
rectElt = doc.createElementNS(svgNS, "rect");
rectElt.setAttributeNS(null, "x", "383");
rectElt.setAttributeNS(null, "y", "" + (73 + i * 20));
rectElt.setAttributeNS(null, "width", "14");
rectElt.setAttributeNS(null, "height", "14");
rectElt.setAttributeNS(null, "class", "untested");
securityResults.appendChild(rectElt);
statusRects[i] = rectElt;
}
EventTarget testButton = (EventTarget) doc.getElementById("runTest");
testButton.addEventListener("click", new EventListener() {
public void handleEvent(Event evt) {
SecurityManager sm = System.getSecurityManager();
int successCnt = 0;
if (sm == null) {
for (int i = 0; i < nGranted; i++) {
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
}
for (int i = nGranted; i < permissions.length; i++) {
statusRects[i].setAttributeNS(null, "class", "failedTest");
}
} else {
for (int i = 0; i < nGranted; i++) {
Permission p = (Permission) permissions[i][1];
boolean success = true;
try {
sm.checkPermission(p);
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
} catch (SecurityException se) {
statusRects[i].setAttributeNS(null, "class", "failedTest");
System.out.println("*********************************************");
se.printStackTrace();
}
}
for (int i = nGranted; i < permissions.length; i++) {
Permission p = (Permission) permissions[i][1];
boolean success = true;
try {
sm.checkPermission(p);
statusRects[i].setAttributeNS(null, "class", "failedTest");
} catch (SecurityException se) {
statusRects[i].setAttributeNS(null, "class", "passedTest");
successCnt++;
}
}
}
// Update the global status
Element globalStatus = doc.getElementById("globalStatus");
if (successCnt == (statusRects.length)) {
globalStatus.setAttributeNS(null, "class", "passedTest");
} else {
globalStatus.setAttributeNS(null, "class", "failedTest");
}
String successRatioString = "Test Result: " + successCnt + " / " + statusRects.length;
Element successRatio = doc.getElementById("successRatio");
successRatio.replaceChild(doc.createTextNode(successRatioString), successRatio.getFirstChild());
}
}, false);
}
Also used :
SVGOMDocument(org.apache.batik.dom.svg.SVGOMDocument)
SocketPermission(java.net.SocketPermission)
ReflectPermission(java.lang.reflect.ReflectPermission)
SecurityPermission(java.security.SecurityPermission)
AllPermission(java.security.AllPermission)
SQLPermission(java.sql.SQLPermission)
PropertyPermission(java.util.PropertyPermission)
SerializablePermission(java.io.SerializablePermission)
NetPermission(java.net.NetPermission)
Permission(java.security.Permission)
FilePermission(java.io.FilePermission)
AWTPermission(java.awt.AWTPermission)
SocketPermission(java.net.SocketPermission)
AudioPermission(javax.sound.sampled.AudioPermission)
URL(java.net.URL)
Aggregations
AWTPermission (java.awt.AWTPermission)1
FilePermission (java.io.FilePermission)1
SerializablePermission (java.io.SerializablePermission)1
ReflectPermission (java.lang.reflect.ReflectPermission)1
NetPermission (java.net.NetPermission)1
SocketPermission (java.net.SocketPermission)1
URL (java.net.URL)1
AllPermission (java.security.AllPermission)1
Permission (java.security.Permission)1
SecurityPermission (java.security.SecurityPermission)1
SQLPermission (java.sql.SQLPermission)1
PropertyPermission (java.util.PropertyPermission)1
AudioPermission (javax.sound.sampled.AudioPermission)1
SVGOMDocument (org.apache.batik.dom.svg.SVGOMDocument)1
