001: /*
002: * @(#)URLImageSource.java 1.24 06/10/10
003: *
004: * Copyright 1990-2006 Sun Microsystems, Inc. All Rights Reserved.
005: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER
006: *
007: * This program is free software; you can redistribute it and/or
008: * modify it under the terms of the GNU General Public License version
009: * 2 only, as published by the Free Software Foundation.
010: *
011: * This program is distributed in the hope that it will be useful, but
012: * WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * General Public License version 2 for more details (a copy is
015: * included at /legal/license.txt).
016: *
017: * You should have received a copy of the GNU General Public License
018: * version 2 along with this work; if not, write to the Free Software
019: * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
020: * 02110-1301 USA
021: *
022: * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
023: * Clara, CA 95054 or visit www.sun.com if you need additional
024: * information or have any questions.
025: *
026: */
027:
028: package sun.awt.image;
029:
030: import java.io.InputStream;
031: import java.io.IOException;
032: import java.net.URL;
033: import java.net.URLConnection;
034: import java.net.MalformedURLException;
035:
036: public class URLImageSource extends InputStreamImageSource {
037: URL url;
038: URLConnection conn;
039: String actualHost;
040: int actualPort;
041:
042: public URLImageSource(URL u) {
043: SecurityManager sm = System.getSecurityManager();
044: if (sm != null) {
045: try {
046: java.security.Permission perm = u.openConnection()
047: .getPermission();
048: if (perm != null) {
049: try {
050: sm.checkPermission(perm);
051: } catch (SecurityException se) {
052: // fallback to checkRead/checkConnect for pre 1.2
053: // security managers
054: if ((perm instanceof java.io.FilePermission)
055: && perm.getActions().indexOf("read") != -1) {
056: sm.checkRead(perm.getName());
057: } else if ((perm instanceof java.net.SocketPermission)
058: && perm.getActions().indexOf("connect") != -1) {
059: sm.checkConnect(u.getHost(), u.getPort());
060: } else {
061: throw se;
062: }
063: }
064: }
065: } catch (java.io.IOException ioe) {
066: sm.checkConnect(u.getHost(), u.getPort());
067: }
068: }
069: this .url = u;
070:
071: }
072:
073: public URLImageSource(String href) throws MalformedURLException {
074: this (new URL(null, href));
075: }
076:
077: public URLImageSource(URL u, URLConnection uc) {
078: this (u);
079: conn = uc;
080: }
081:
082: public URLImageSource(URLConnection uc) {
083: this (uc.getURL(), uc);
084: }
085:
086: final boolean checkSecurity(Object context, boolean quiet) {
087: // If actualHost is not null, then the host/port parameters that
088: // the image was actually fetched from were different than the
089: // host/port parameters the original URL specified for at least
090: // one of the download attempts. The original URL security was
091: // checked when the applet got a handle to the image, so we only
092: // need to check for the real host/port.
093: if (actualHost != null) {
094: try {
095: SecurityManager security = System.getSecurityManager();
096: if (security != null) {
097: if (context != null)
098: security.checkConnect(actualHost, actualPort,
099: context);
100: else
101: security.checkConnect(actualHost, actualPort);
102: }
103: } catch (SecurityException e) {
104: if (!quiet) {
105: throw e;
106: }
107: return false;
108: }
109: }
110: return true;
111: }
112:
113: private synchronized URLConnection getConnection()
114: throws IOException {
115: URLConnection c;
116: if (conn != null) {
117: c = conn;
118: conn = null;
119: } else {
120: c = url.openConnection();
121: }
122: return c;
123: }
124:
125: protected ImageDecoder getDecoder() {
126: InputStream is = null;
127: String type = null;
128: try {
129: URLConnection c = getConnection();
130: is = c.getInputStream();
131: type = c.getContentType();
132: URL u = c.getURL();
133: if (u != url
134: && (!u.getHost().equals(url.getHost()) || u
135: .getPort() != url.getPort())) {
136: // The image is allowed to come from either the host/port
137: // listed in the original URL, or it can come from one other
138: // host/port that the URL is redirected to. More than that
139: // and we give up and just throw a SecurityException.
140: if (actualHost != null
141: && (!actualHost.equals(u.getHost()) || actualPort != u
142: .getPort())) {
143: throw new SecurityException("image moved!");
144: }
145: actualHost = u.getHost();
146: actualPort = u.getPort();
147: }
148: } catch (IOException e) {
149: if (is != null) {
150: try {
151: is.close();
152: } catch (IOException e2) {
153: }
154: }
155: return null;
156: }
157:
158: ImageDecoder id = decoderForType(is, type);
159: if (id == null) {
160: id = getDecoder(is);
161: }
162: return id;
163: }
164: }
|