Categories:
Audio (13)
Biotech (29)
Bytecode (36)
Database (77)
Framework (7)
Game (7)
General (507)
Graphics (53)
I/O (35)
IDE (2)
JAR Tools (101)
JavaBeans (21)
JDBC (121)
JDK (426)
JSP (20)
Logging (108)
Mail (58)
Messaging (8)
Network (84)
PDF (97)
Report (7)
Scripting (84)
Security (32)
Server (121)
Servlet (26)
SOAP (24)
Testing (54)
Web (15)
XML (309)
Collections:
Other Resources:
Rhino JavaScript Java Library Source Code
Rhino JavaScript Java Library is an open-source implementation of JavaScript written entirely in Java.
Rhino JavaScript Java Library Source Code files are provided in binary package (rhino-1.7.14.zip).
You can also browse the source code below:
✍: FYIcenter.com
⏎ org/mozilla/javascript/PolicySecurityController.java
/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ package org.mozilla.javascript; import java.lang.ref.SoftReference; import java.lang.reflect.UndeclaredThrowableException; import java.security.AccessController; import java.security.CodeSource; import java.security.Policy; import java.security.PrivilegedAction; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.security.SecureClassLoader; import java.util.Map; import java.util.WeakHashMap; import org.mozilla.classfile.ByteCode; import org.mozilla.classfile.ClassFileWriter; /** * A security controller relying on Java {@link Policy} in effect. When you use * this security controller, your securityDomain objects must be instances of * {@link CodeSource} representing the location from where you load your * scripts. Any Java policy "grant" statements matching the URL and certificate * in code sources will apply to the scripts. If you specify any certificates * within your {@link CodeSource} objects, it is your responsibility to verify * (or not) that the script source files are signed in whatever * implementation-specific way you're using. * @author Attila Szegedi */ public class PolicySecurityController extends SecurityController { private static final byte[] secureCallerImplBytecode = loadBytecode(); // We're storing a CodeSource -> (ClassLoader -> SecureRenderer), since we // need to have one renderer per class loader. We're using weak hash maps // and soft references all the way, since we don't want to interfere with // cleanup of either CodeSource or ClassLoader objects. private static final Map<CodeSource,Map<ClassLoader,SoftReference<SecureCaller>>> callers = new WeakHashMap<CodeSource,Map<ClassLoader,SoftReference<SecureCaller>>>(); @Override public Class<?> getStaticSecurityDomainClassInternal() { return CodeSource.class; } private static class Loader extends SecureClassLoader implements GeneratedClassLoader { private final CodeSource codeSource; Loader(ClassLoader parent, CodeSource codeSource) { super(parent); this.codeSource = codeSource; } @Override public Class<?> defineClass(String name, byte[] data) { return defineClass(name, data, 0, data.length, codeSource); } @Override public void linkClass(Class<?> cl) { resolveClass(cl); } } @Override public GeneratedClassLoader createClassLoader(final ClassLoader parent, final Object securityDomain) { return (Loader)AccessController.doPrivileged( new PrivilegedAction<Object>() { @Override public Object run() { return new Loader(parent, (CodeSource)securityDomain); } }); } @Override public Object getDynamicSecurityDomain(Object securityDomain) { // No separate notion of dynamic security domain - just return what was // passed in. return securityDomain; } @Override public Object callWithDomain(final Object securityDomain, final Context cx, Callable callable, Scriptable scope, Scriptable thisObj, Object[] args) { // Run in doPrivileged as we might be checked for "getClassLoader" // runtime permission final ClassLoader classLoader = (ClassLoader)AccessController.doPrivileged( new PrivilegedAction<Object>() { @Override public Object run() { return cx.getApplicationClassLoader(); } }); final CodeSource codeSource = (CodeSource)securityDomain; Map<ClassLoader,SoftReference<SecureCaller>> classLoaderMap; synchronized (callers) { classLoaderMap = callers.get(codeSource); if(classLoaderMap == null) { classLoaderMap = new WeakHashMap<ClassLoader,SoftReference<SecureCaller>>(); callers.put(codeSource, classLoaderMap); } } SecureCaller caller; synchronized (classLoaderMap) { SoftReference<SecureCaller> ref = classLoaderMap.get(classLoader); if (ref != null) { caller = ref.get(); } else { caller = null; } if (caller == null) { try { // Run in doPrivileged as we'll be checked for // "createClassLoader" runtime permission caller = (SecureCaller)AccessController.doPrivileged( new PrivilegedExceptionAction<Object>() { @Override public Object run() throws Exception { Loader loader = new Loader(classLoader, codeSource); Class<?> c = loader.defineClass( SecureCaller.class.getName() + "Impl", secureCallerImplBytecode); return c.newInstance(); } }); classLoaderMap.put(classLoader, new SoftReference<SecureCaller>(caller)); } catch(PrivilegedActionException ex) { throw new UndeclaredThrowableException(ex.getCause()); } } } return caller.call(callable, cx, scope, thisObj, args); } public abstract static class SecureCaller { public abstract Object call(Callable callable, Context cx, Scriptable scope, Scriptable thisObj, Object[] args); } private static byte[] loadBytecode() { String secureCallerClassName = SecureCaller.class.getName(); ClassFileWriter cfw = new ClassFileWriter( secureCallerClassName + "Impl", secureCallerClassName, "<generated>"); cfw.startMethod("<init>", "()V", ClassFileWriter.ACC_PUBLIC); cfw.addALoad(0); cfw.addInvoke(ByteCode.INVOKESPECIAL, secureCallerClassName, "<init>", "()V"); cfw.add(ByteCode.RETURN); cfw.stopMethod((short)1); String callableCallSig = "Lorg/mozilla/javascript/Context;" + "Lorg/mozilla/javascript/Scriptable;" + "Lorg/mozilla/javascript/Scriptable;" + "[Ljava/lang/Object;)Ljava/lang/Object;"; cfw.startMethod("call", "(Lorg/mozilla/javascript/Callable;" + callableCallSig, (short)(ClassFileWriter.ACC_PUBLIC | ClassFileWriter.ACC_FINAL)); for(int i = 1; i < 6; ++i) { cfw.addALoad(i); } cfw.addInvoke(ByteCode.INVOKEINTERFACE, "org/mozilla/javascript/Callable", "call", "(" + callableCallSig); cfw.add(ByteCode.ARETURN); cfw.stopMethod((short)6); return cfw.toByteArray(); } }
⏎ org/mozilla/javascript/PolicySecurityController.java
Or download all of them as a single archive file:
File name: rhino-1.7.14-sources.jar File size: 1029165 bytes Release date: 2022-01-06 Download
⇒ Example code to Test rhino-runtime-1.7.14.jar
⇐ Download Rhino JavaScript Binary Package
2022-05-03, 34707👍, 1💬
Popular Posts:
What Is jniwrap.jar in JNIWrapper 3.7.1? winpack.jar in JNIWrapper 3.7.1 is an add-on JAR file for J...
How to download and install JDK (Java Development Kit) 5? If you want to write Java applications, yo...
JDK 17 java.base.jmod is the JMOD file for JDK 17 Base module. JDK 17 Base module compiled class fil...
Provides a simple high-level Http server API, which can be used to build embedded HTTP servers. Both...
Apache Axis2 is the core engine for Web services. It is a complete re-design and re-write of the wid...