From d892b43350765e08c8eb5e7044a427459042fddb Mon Sep 17 00:00:00 2001
From: mlapshin <none@none>
Date: Wed, 23 Apr 2008 18:06:34 +0400
Subject: 6691503: Malicious applet can show always-on-top popup menu which has
 whole screen size Summary: The fix for 6675802 is replaced by a try-catch
 clause that catches SequrityExceptions for applets. Reviewed-by: alexp

---
 src/share/classes/javax/swing/Popup.java | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

(limited to 'src/share/classes/javax/swing')

diff --git a/src/share/classes/javax/swing/Popup.java b/src/share/classes/javax/swing/Popup.java
index b246b67f4..a6373f87b 100644
--- a/src/share/classes/javax/swing/Popup.java
+++ b/src/share/classes/javax/swing/Popup.java
@@ -229,14 +229,15 @@ public class Popup {
             // Popups are typically transient and most likely won't benefit
             // from true double buffering.  Turn it off here.
             getRootPane().setUseTrueDoubleBuffering(false);
-            java.security.AccessController.doPrivileged(
-                    new java.security.PrivilegedAction<Object>() {
-                        public Object run() {
-                            setAlwaysOnTop(true);
-                            return null;
-                        }
-                    }
-            );
+            // Try to set "always-on-top" for the popup window.
+            // Applets usually don't have sufficient permissions to do it.
+            // In this case simply ignore the exception.
+            try {
+                setAlwaysOnTop(true);
+            } catch (SecurityException se) {
+                // setAlwaysOnTop is restricted,
+                // the exception is ignored
+            }
         }
 
         public void update(Graphics g) {
-- 
cgit v1.2.3