Windows 10 will reach EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Iskanje po podpori

Izogibajte se prevarantski tehnični podpori. Nikoli vam ne bomo naročili, da pokličete telefonsko številko ali nam pošljete osebne podatke. Sumljivo dejavnost prijavite z gumbom »Prijavi zlorabo«.

Več o tem

Ta tema je arhivirana. Postavite prosim novo vprašanje, če potrebujete pomoč.

Why is Java Deployment Toolkit (click-to-play) blocked, also the referenced bug is closed and there are no security issues known in Version 7 U51?

  • 3 odgovori
  • 26 ima to težavo
  • 5 ogledov
  • Zadnji odgovor od MG_DAU

MG_DAU
MG_DAU
more options

I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment.

I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience.

Regards

Martin

I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633 I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment. I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience. Regards Martin

Izbrana rešitev

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

Preberite ta odgovor v kontekstu 👍 3

Vsi odgovori (3)

Gingerbread Man
Gingerbread Man
more options

MG_DAU wrote: 

The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

That's a bug report in the Blocklisting component, meaning it's a request to add an add-on to the blocklist. The fact that it's marked as fixed means the add-on has been added to the blocklist.

Given that there's no way to disable Click-to-Play for this plug-in (the only options are Ask to Activate or Never Activate), if Firefox doesn't trigger a Click-to-Play prompt, I see no way to use it apart from disabling the entire blocklist. This carries a considerable security risk, as no plug-ins will be blocked or set to Click-to-Play, including known malware. If you're sure you want to go through with it, set extensions.blocklist.enabled to false in about:config.

AliceWyman
AliceWyman
  • Moderator
more options

Izbrana rešitev

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

MG_DAU
MG_DAU Lastnik vprašanja
more options

Hi Alice,

thanks for your reply. Your answer is correct. Problem is linked to Java and not to the deployment toolkit.