Java 如何授予小程序读取系统属性的权限?
我有一个Java小程序正在尝试读取Java 如何授予小程序读取系统属性的权限?,java,applet,system-properties,Java,Applet,System Properties,我有一个Java小程序正在尝试读取http.strictPostRedirect系统属性 代码不是我的(它是Java的;所以我不能更改它)。但您可以在网上找到代码: HttpURLConnection.java: if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307)) { /* The HTTP/1.1 spec says tha
http.strictPostRedirect
系统属性
代码不是我的(它是Java的;所以我不能更改它)。但您可以在网上找到代码:
HttpURLConnection.java:
if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307))
{
/* The HTTP/1.1 spec says that a redirect from a POST
* *should not* be immediately turned into a GET, and
* that some HTTP/1.0 clients incorrectly did this.
* Correct behavior redirects a POST to another POST.
* Unfortunately, since most browsers have this incorrect
* behavior, the web works this way now. Typical usage
* seems to be:
* POST a login code or passwd to a web page.
* after validation, the server redirects to another
* (welcome) page
* The second request is (erroneously) expected to be GET
*
* We will do the incorrect thing (POST-->GET) by default.
* We will provide the capability to do the "right" thing
* (POST-->POST) by a system property, "http.strictPostRedirect=true"
*/
...
}
java.security.AccessControlException: access denied (java.util.PropertyPermission http.strictPostRedirect read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.lang.Boolean.getBoolean(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source)
基本故障来自于调用:
Boolean.getBoolean("http.strictPostRedirect")
这导致了一场灾难。显然,我不允许读取http.strictPostRedirect
系统属性。试图读取它会抛出一个AccessControlException:
if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307))
{
/* The HTTP/1.1 spec says that a redirect from a POST
* *should not* be immediately turned into a GET, and
* that some HTTP/1.0 clients incorrectly did this.
* Correct behavior redirects a POST to another POST.
* Unfortunately, since most browsers have this incorrect
* behavior, the web works this way now. Typical usage
* seems to be:
* POST a login code or passwd to a web page.
* after validation, the server redirects to another
* (welcome) page
* The second request is (erroneously) expected to be GET
*
* We will do the incorrect thing (POST-->GET) by default.
* We will provide the capability to do the "right" thing
* (POST-->POST) by a system property, "http.strictPostRedirect=true"
*/
...
}
java.security.AccessControlException: access denied (java.util.PropertyPermission http.strictPostRedirect read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.lang.Boolean.getBoolean(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source)
因此,如果我没有权限读取系统属性的权限:
if (method.equals("POST") && !Boolean.getBoolean("http.strictPostRedirect") && (stat!=307))
{
/* The HTTP/1.1 spec says that a redirect from a POST
* *should not* be immediately turned into a GET, and
* that some HTTP/1.0 clients incorrectly did this.
* Correct behavior redirects a POST to another POST.
* Unfortunately, since most browsers have this incorrect
* behavior, the web works this way now. Typical usage
* seems to be:
* POST a login code or passwd to a web page.
* after validation, the server redirects to another
* (welcome) page
* The second request is (erroneously) expected to be GET
*
* We will do the incorrect thing (POST-->GET) by default.
* We will provide the capability to do the "right" thing
* (POST-->POST) by a system property, "http.strictPostRedirect=true"
*/
...
}
java.security.AccessControlException: access denied (java.util.PropertyPermission http.strictPostRedirect read)
at java.security.AccessControlContext.checkPermission(Unknown Source)
at java.security.AccessController.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPermission(Unknown Source)
at java.lang.SecurityManager.checkPropertyAccess(Unknown Source)
at java.lang.System.getProperty(Unknown Source)
at java.lang.Boolean.getBoolean(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.followRedirect(Unknown Source)
如何获得系统属性的读取权限
显然,必须有一个允许我读取系统属性的设置,否则Sun不会有透明地尝试访问它的代码
这是一个全球范围的机器设置吗?它是一个域范围的设置吗?这是机器范围的设置吗?它是按用户设置的吗?是否为每个小程序设置?它是每次调用的设置吗?它是与特定版本的Java运行时引擎相关的设置吗
tl;dr:如何避免崩溃
读取系统属性
Java确实有一个:
java.class.path
java.home
user.dir
user.home
user.name
http.strictPostRedirect
,不在该列表中。那为什么我不能读呢
另见
Java的系统属性列表不是小程序无法读取的:
- java.class.path
- java.home
- user.dir
- 用户主页
- 用户名
user
下的任何内容都不允许1。只考虑那些“典型”。
显然,必须有一个允许我读取系统属性的设置,否则Sun不会有透明地尝试访问它的代码 对。请参阅上面的修复