[JEXL-397] Dynamic proxy should not require specific permission - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3
Fix Version/s: 3.4.0
Labels:
None

Description

With the default restricted permissions, dynamic proxies can not be introspected since they extend java.lang.reflect.Proxy whose package is denied.

A workaround is to explicitly allow them as in:

JexlPermissions p = new JexlPermissions.Delegate(JexlPermissions.RESTRICTED) {
  @Override public boolean allow(Class<?> clazz) {
    return Proxy.isProxyClass(clazz) || super.allow(clazz);
  }
};

This workaround should not be necessary.

Attachments

Activity

People

Assignee:: Henri Biestro

Reporter:: Henri Biestro

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 04/May/23 10:27

Updated:: 24/May/24 13:55

Resolved:: 04/May/23 13:31