1 /*
2 * Copyright (c) 2008, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24 /*
25 * @test
26 * @bug 6691503
27 * @summary Checks that there is no opportunity for a malicious applet
28 * to show a popup menu which has whole screen size.
29 * a heaviweight popup menu is shown from an applet.
30 * @author Mikhail Lapshin
31 * @run main bug6691503
32 */
33
34 import sun.awt.SunToolkit;
35
36 import javax.swing.*;
37 import java.awt.*;
38
39 public class bug6691503 {
40 private JPopupMenu popupMenu;
41 private JFrame frame;
42 private boolean isAlwaysOnTop1 = false;
43 private boolean isAlwaysOnTop2 = true;
44
45 public static void main(String[] args) {
46 bug6691503 test = new bug6691503();
47 test.setupUI();
48 test.testApplication();
49 test.testApplet();
50 test.checkResult();
51 test.stopEDT();
52 }
53
54 private void setupUI() {
55 SwingUtilities.invokeLater(new Runnable() {
56 public void run() {
57 frame = new JFrame();
58 frame.setVisible(true);
59 popupMenu = new JPopupMenu();
60 JMenuItem click = new JMenuItem("Click");
61 popupMenu.add(click);
62 }
63 });
64 }
65
66 private void testApplication() {
67 SwingUtilities.invokeLater(new Runnable() {
68 public void run() {
69 popupMenu.show(frame, 0, 0);
70 Window popupWindow = (Window)
71 (popupMenu.getParent().getParent().getParent().getParent());
72 isAlwaysOnTop1 = popupWindow.isAlwaysOnTop();
73 System.out.println(
74 "Application: popupWindow.isAlwaysOnTop() = " + isAlwaysOnTop1);
75 popupMenu.setVisible(false);
76 }
77 });
78 }
79
80 private void testApplet() {
81 SwingUtilities.invokeLater(new Runnable() {
82 public void run() {
83 System.setSecurityManager(new SecurityManager());
84 popupMenu.show(frame, 0, 0);
85 Window popupWindow = (Window)
86 (popupMenu.getParent().getParent().getParent().getParent());
87 isAlwaysOnTop2 = popupWindow.isAlwaysOnTop();
88 System.out.println(
89 "Applet: popupWindow.isAlwaysOnTop() = " + isAlwaysOnTop2);
90 popupMenu.setVisible(false);
91 }
92 });
93 }
94
95 private void checkResult() {
96 ((SunToolkit)(Toolkit.getDefaultToolkit())).realSync();
97 if (!isAlwaysOnTop1 || isAlwaysOnTop2) {
98 throw new RuntimeException("Malicious applet can show always-on-top " +
99 "popup menu which has whole screen size");
100 }
101 System.out.println("Test passed");
102 }
103
104 private void stopEDT() {
105 SwingUtilities.invokeLater(new Runnable() {
106 public void run() {
107 frame.dispose();
108 }
109 });
110 }
111 }