Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Learn More

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Why is Java Deployment Toolkit (click-to-play) blocked, also the referenced bug is closed and there are no security issues known in Version 7 U51?

  • 3 antwoorden
  • 26 hebben dit probleem
  • 50 weergaven
  • Laatste antwoord van MG_DAU

MG_DAU
MG_DAU
more options

I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment.

I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience.

Regards

Martin

I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633 I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment. I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience. Regards Martin

Gekozen oplossing

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

Dit antwoord in context lezen 👍 3

Alle antwoorden (3)

Gingerbread Man
Gingerbread Man
more options

MG_DAU wrote: 

The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

That's a bug report in the Blocklisting component, meaning it's a request to add an add-on to the blocklist. The fact that it's marked as fixed means the add-on has been added to the blocklist.

Given that there's no way to disable Click-to-Play for this plug-in (the only options are Ask to Activate or Never Activate), if Firefox doesn't trigger a Click-to-Play prompt, I see no way to use it apart from disabling the entire blocklist. This carries a considerable security risk, as no plug-ins will be blocked or set to Click-to-Play, including known malware. If you're sure you want to go through with it, set extensions.blocklist.enabled to false in about:config.

AliceWyman
AliceWyman
  • Moderator
more options

Gekozen oplossing

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

MG_DAU
MG_DAU Vraageigenaar
more options

Hi Alice,

thanks for your reply. Your answer is correct. Problem is linked to Java and not to the deployment toolkit.