-
Notifications
You must be signed in to change notification settings - Fork 2k
Expand file tree
/
Copy pathGetClassGetResource.qhelp
More file actions
59 lines (44 loc) · 2.49 KB
/
GetClassGetResource.qhelp
File metadata and controls
59 lines (44 loc) · 2.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>Using the <code>Class.getResource</code> method is a common way of including
some non-code resources with an application.</p>
<p>There are problems when this is called using <code>x.getClass().getResource()</code>,
for some variable <code>x</code>. This is not a safe way to retrieve a resource. The method
<code>getClass</code> returns the <em>run-time</em> class of <code>x</code> (that is, its actual, "most
derived" class, rather than its declared type), which causes two potential problems:</p>
<ul>
<li>If the run-time type of the receiving object is a subclass of the declared type and is in
a different package, the resource path may be interpreted differently. According to
its contract, <code>Class.getResource</code> qualifies non-absolute paths with the
current package name, thus potentially returning a different resource or failing to find
the requested resource.</li>
<li><code>Class.getResource</code> delegates finding the resource to the class loader that loaded the class.
At run time, there is no guarantee that all subclasses of
a particular type are loaded by the same class loader, resulting in resource lookup
failures that are difficult to diagnose.</li>
</ul>
</overview>
<recommendation>
<p>Rather than using the <code>getClass</code> method, which relies on dynamic dispatch
and run-time types, use <code>class</code> literals instead. For example, instead of calling
<code>getClass().getResource()</code> on an object of type <code>Foo</code>,
call <code>Foo.class.getResource()</code>. Class literals always refer to the
declared type they are used on, removing the dependency on run-time types.</p>
</recommendation>
<example>
<p>In the following example, the calls to <code>getPostalCodes</code> return different results,
depending on which class the call is made on: the class <code>Address</code> is in the package
<code>framework</code> and the class <code>UKAddress</code> is in the package <code>client</code>.</p>
<sample src="GetClassGetResource.java" />
<p>In the following corrected example, the implementation of <code>getPostalCodes</code> is changed
so that it always calls <code>getResource</code> on the same class.</p>
<sample src="GetClassGetResourceGood.java" />
</example>
<references>
<li>Java Platform, Standard Edition 7, API Specification:
<a href="http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#getResource(java.lang.String)">class.getResource()</a>.</li>
</references>
</qhelp>