Index: src/test/api/java/org/apache/harmony/security/tests/java/security/PolicyTest.java =================================================================== --- src/test/api/java/org/apache/harmony/security/tests/java/security/PolicyTest.java (revision 504022) +++ src/test/api/java/org/apache/harmony/security/tests/java/security/PolicyTest.java (working copy) @@ -197,7 +197,7 @@ // Regression for HARMONY-1963 and HARMONY-2910 String policyFile = Support_Resources .getAbsoluteResourcePath("PolicyTest.txt"); - String oldSysProp = System.getProperty(JAVA_SECURITY_POLICY); + String oldJavaPolicy = System.getProperty(JAVA_SECURITY_POLICY); Policy oldPolicy = Policy.getPolicy(); try { @@ -206,14 +206,20 @@ // test: absolute paths assertCodeBasePropertyExpansion("/11111/*", "/11111/-"); assertCodeBasePropertyExpansion("/22222/../22222/*", "/22222/-"); - //FIXME assertCodeBasePropertyExpansion("/33333/*", "/33333/../33333/-"); + assertCodeBasePropertyExpansion("/33333/*", "/33333/../33333/-"); + assertCodeBasePropertyExpansion("/44444/../44444/-", "/44444/*"); + assertCodeBasePropertyExpansion("/55555/../55555/-", + "/55555/../55555/-"); // test: relative paths - assertCodeBasePropertyExpansion("44444/*", "44444/-"); - assertCodeBasePropertyExpansion("55555/../55555/*", "55555/-"); - //FIXME assertCodeBasePropertyExpansion("66666/*", "66666/../66666/-"); + assertCodeBasePropertyExpansion("11111/*", "11111/-"); + assertCodeBasePropertyExpansion("22222/../22222/*", "22222/-"); + assertCodeBasePropertyExpansion("33333/*", "33333/../33333/-"); + assertCodeBasePropertyExpansion("44444/../44444/-", "44444/*"); + assertCodeBasePropertyExpansion("55555/../55555/-", + "55555/../55555/-"); } finally { - TestUtils.setSystemProperty(JAVA_SECURITY_POLICY, oldSysProp); + TestUtils.setSystemProperty(JAVA_SECURITY_POLICY, oldJavaPolicy); Policy.setPolicy(oldPolicy); } } Index: src/main/java/common/org/apache/harmony/security/PolicyEntry.java =================================================================== --- src/main/java/common/org/apache/harmony/security/PolicyEntry.java (revision 504022) +++ src/main/java/common/org/apache/harmony/security/PolicyEntry.java (working copy) @@ -22,6 +22,8 @@ package org.apache.harmony.security; +import java.net.URL; +import java.security.CodeSigner; import java.security.CodeSource; import java.security.Permission; import java.security.Principal; @@ -30,7 +32,6 @@ import org.apache.harmony.security.fortress.PolicyUtils; - /** * This class represents an elementary block of a security policy. It associates * a CodeSource of an executable code, Principals allowed to execute the code, @@ -68,7 +69,27 @@ * imply() method. */ public boolean impliesCodeSource(CodeSource codeSource) { - return (cs == null) ? true : cs.implies(codeSource); + if (cs == null) { + return true; + } + + if (codeSource == null) { + return false; + } + + URL codeSourceURL = PolicyUtils.normalizeURL(codeSource.getLocation()); + if (codeSourceURL != codeSource.getLocation()) { + // URL was normalized - recreate codeSource with new URL + CodeSigner[] signers = codeSource.getCodeSigners(); + if (signers == null) { + codeSource = new CodeSource(codeSourceURL, codeSource + .getCertificates()); + } else { + codeSource = new CodeSource(codeSourceURL, signers); + } + } + + return cs.implies(codeSource); } /** Index: src/main/java/common/org/apache/harmony/security/fortress/PolicyUtils.java =================================================================== --- src/main/java/common/org/apache/harmony/security/fortress/PolicyUtils.java (revision 504022) +++ src/main/java/common/org/apache/harmony/security/fortress/PolicyUtils.java (working copy) @@ -282,6 +282,26 @@ throws ExpansionFailedException { return expand(str, properties).replace(File.separatorChar, '/'); } + + /** + * Normalizes URLs to standard ones, eliminating pathname symbols. + * + * @param codebase - + * the original URL. + * @return - the normailzed URL. + */ + public static URL normalizeURL(URL codebase) { + if (codebase != null && "file".equals(codebase.getProtocol())) { //$NON-NLS-1$ + String fileStr = codebase.getFile(); + try { + return new File(fileStr).getAbsoluteFile().toURI().normalize() + .toURL(); + } catch (Exception e) { + // ignore + } + } + return codebase; + } /** * Instances of this interface are intended for resolving Index: src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java =================================================================== --- src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (revision 504022) +++ src/main/java/common/org/apache/harmony/security/fortress/DefaultPolicyParser.java (working copy) @@ -25,7 +25,6 @@ import java.io.BufferedReader; import java.io.InputStream; import java.io.InputStreamReader; -import java.io.File; import java.io.Reader; import java.net.URL; import java.security.cert.Certificate; @@ -194,14 +193,7 @@ if (ge.codebase != null) { codebase = new URL(resolve ? PolicyUtils.expandURL(ge.codebase, system) : ge.codebase); - //Fix HARMONY-1963 - if ("file".equals(codebase.getProtocol())) { //$NON-NLS-1$ - File codeFile = new File(codebase.getFile()); - if (codeFile.isAbsolute()) { - codebase = new URL("file://" + //$NON-NLS-1$ - codeFile.getAbsolutePath()); - } - } + codebase = PolicyUtils.normalizeURL(codebase); } if (ge.signers != null) { if (resolve) {