diff options
author | mlapshin <none@none> | 2008-04-23 18:06:34 +0400 |
---|---|---|
committer | mlapshin <none@none> | 2008-04-23 18:06:34 +0400 |
commit | d892b43350765e08c8eb5e7044a427459042fddb (patch) | |
tree | 7c514f8d3f1f24316dce641f2be3baafc045e9f6 /src/share/classes/javax/swing | |
parent | fc0854bc0df74df00a2cf4d84af281b7e215d63d (diff) |
6691503: Malicious applet can show always-on-top popup menu which has whole screen size
Summary: The fix for 6675802 is replaced by a try-catch clause that catches SequrityExceptions for applets.
Reviewed-by: alexp
Diffstat (limited to 'src/share/classes/javax/swing')
-rw-r--r-- | src/share/classes/javax/swing/Popup.java | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/src/share/classes/javax/swing/Popup.java b/src/share/classes/javax/swing/Popup.java index b246b67f4..a6373f87b 100644 --- a/src/share/classes/javax/swing/Popup.java +++ b/src/share/classes/javax/swing/Popup.java @@ -229,14 +229,15 @@ public class Popup { // Popups are typically transient and most likely won't benefit // from true double buffering. Turn it off here. getRootPane().setUseTrueDoubleBuffering(false); - java.security.AccessController.doPrivileged( - new java.security.PrivilegedAction<Object>() { - public Object run() { - setAlwaysOnTop(true); - return null; - } - } - ); + // Try to set "always-on-top" for the popup window. + // Applets usually don't have sufficient permissions to do it. + // In this case simply ignore the exception. + try { + setAlwaysOnTop(true); + } catch (SecurityException se) { + // setAlwaysOnTop is restricted, + // the exception is ignored + } } public void update(Graphics g) { |