BATIK-1345: Restrict what java classes can be run thru rhino
git-svn-id: https://svn.apache.org/repos/asf/xmlgraphics/batik/trunk@1904549 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/batik-script/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java b/batik-script/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
index f6524f6..6f6b061 100644
--- a/batik-script/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
+++ b/batik-script/src/main/java/org/apache/batik/script/rhino/RhinoClassShutter.java
@@ -20,6 +20,9 @@
import org.mozilla.javascript.ClassShutter;
+import java.util.Arrays;
+import java.util.List;
+
/**
* Class shutter that restricts access to Batik internals from script.
*
@@ -27,6 +30,7 @@
* @version $Id$
*/
public class RhinoClassShutter implements ClassShutter {
+ private static final List<String> WHITELIST = Arrays.asList("java.io.PrintStream", "java.lang.System", "java.net.URL");
/*
public RhinoClassShutter() {
@@ -55,6 +59,10 @@
* Returns whether the given class is visible to scripts.
*/
public boolean visibleToScripts(String fullClassName) {
+ if (fullClassName.startsWith("java.") && !WHITELIST.contains(fullClassName) && !fullClassName.endsWith("Permission")) {
+ return false;
+ }
+
// Don't let them mess with script engine's internals.
if (fullClassName.startsWith("org.mozilla.javascript"))
return false;