From 5962226cc33de047946aca6522f020c97d663d2f Mon Sep 17 00:00:00 2001
From: Phil Race <prr@openjdk.org>
Date: Fri, 3 Feb 2023 16:28:03 +0000
Subject: [PATCH] 8300891: Deprecate for removal
 javax.swing.plaf.synth.SynthLookAndFeel.load(URL url)

Reviewed-by: serb, aivanov, kizune, psadhukhan
---
 .../swing/plaf/synth/SynthLookAndFeel.java      | 17 +++++++++++++++++
 .../plaf/synth/doc-files/synthFileFormat.html   |  7 +++++++
 2 files changed, 24 insertions(+)

diff --git a/src/java.desktop/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java b/src/java.desktop/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java
index 036088d1514..ca58ca7968b 100644
--- a/src/java.desktop/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java
+++ b/src/java.desktop/share/classes/javax/swing/plaf/synth/SynthLookAndFeel.java
@@ -615,6 +615,20 @@ public class SynthLookAndFeel extends BasicLookAndFeel {
      * <code>new URL(synthFile, path)</code>. Refer to
      * <a href="doc-files/synthFileFormat.html">Synth File Format</a> for more
      * information.
+     * <p>
+     * Whilst this API may be safe for loading local resources that are
+     * delivered with a {@code LookAndFeel} or application, and so have an
+     * equal level of trust with application code, using it to load from
+     * remote resources, particularly any which may have a lower level of
+     * trust, is strongly discouraged.
+     * The alternative mechanisms to load styles from an {@code InputStream}
+     * {@linkplain #load(InputStream, Class)}
+     * using resources co-located with the application or by providing a
+     * {@code SynthStyleFactory} to
+     * {@linkplain #setStyleFactory setStyleFactory(SynthStyleFactory)}
+     * are preferred.
+     * Consequently this method is deprecated and will be removed in a future
+     * release.
      *
      * @param url the <code>URL</code> to load the set of
      *     <code>SynthStyle</code> from
@@ -622,7 +636,10 @@ public class SynthLookAndFeel extends BasicLookAndFeel {
      * @throws IllegalArgumentException if synthSet is <code>null</code>
      * @throws IOException if synthSet cannot be opened as an <code>InputStream</code>
      * @since 1.6
+     * @deprecated Use {@link #load(InputStream, Class)} or
+     * {@link #setStyleFactory setStyleFactory(SynthStyleFactory)} instead
      */
+    @Deprecated(since = "21", forRemoval = true)
     public void load(URL url) throws ParseException, IOException {
         if (url == null) {
             throw new IllegalArgumentException(
diff --git a/src/java.desktop/share/classes/javax/swing/plaf/synth/doc-files/synthFileFormat.html b/src/java.desktop/share/classes/javax/swing/plaf/synth/doc-files/synthFileFormat.html
index f5c57af7625..b3c8118b404 100644
--- a/src/java.desktop/share/classes/javax/swing/plaf/synth/doc-files/synthFileFormat.html
+++ b/src/java.desktop/share/classes/javax/swing/plaf/synth/doc-files/synthFileFormat.html
@@ -70,6 +70,8 @@ div.example {
     <p>
       This example loads the look and feel from an input stream, using
       the specified class as the resource base to resolve paths.
+    </p>
+    <p>
       It is also possible to load a look and feel from an arbitrary URL
       as in the following example.
     </p>
@@ -94,6 +96,11 @@ div.example {
       <li>Remote JAR file, e.g.
         <code>jar:http://host/synth-laf.jar!/laf.xml</code></li>
     </ul>
+    <p>Note: Synth's file format allows for the definition of code to be executed.
+       Loading any code from a remote location should be used only
+       with extreme caution from a trusted source over a secure connection.
+       It is strongly discouraged for an application or a LookAndFeel to do so.
+    </p>
     <p>
       While the DTD for synth is specified, the parser is not validating.
       Parsing will fail only if a necessary attribute is not