Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Why is Java Deployment Toolkit (click-to-play) blocked, also the referenced bug is closed and there are no security issues known in Version 7 U51?

  • 3 uphendule
  • 26 zinale nkinga
  • 663 views
  • Igcine ukuphendulwa ngu MG_DAU

more options

I think it is important to block unsecure addons. But if you do so there should be an open bug assigened. The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

I have the problem that I want to use Secure_Auth that is using the Java Deployment Kit in such a nasty way (via javascript) that firefox doesn't see that the deployment kit should be started. Therefore I will not be asked to allow this plugin always for this web site. Since there is no documentation available how to do this configuration in a config file I am stuck at the moment.

I'm a liitle bit suprised that blocking all versions (even secure versions) is a way to get a good user experience.

Regards

Martin

Isisombululo esikhethiwe

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

Funda le mpendulo ngokuhambisana nalesi sihloko 👍 3

All Replies (3)

more options

MG_DAU wrote:

The referenced bug for this add-on is allready resolved so I do not know why this plugin is disabled. https://bugzilla.mozilla.org/show_bug.cgi?id=636633

That's a bug report in the Blocklisting component, meaning it's a request to add an add-on to the blocklist. The fact that it's marked as fixed means the add-on has been added to the blocklist.

Given that there's no way to disable Click-to-Play for this plug-in (the only options are Ask to Activate or Never Activate), if Firefox doesn't trigger a Click-to-Play prompt, I see no way to use it apart from disabling the entire blocklist. This carries a considerable security risk, as no plug-ins will be blocked or set to Click-to-Play, including known malware. If you're sure you want to go through with it, set extensions.blocklist.enabled to false in about:config.

more options

Isisombululo Esikhethiwe

MG_DAU,

Why do you think that the problem is being caused by the Java Deployment Toolkit block, and not by Java itself? See http://www.java.com/en/download/faq/deployment_toolkit.xml and this document I found with a google search:

For general information on using Java on trusted sites, see:

more options

Hi Alice,

thanks for your reply. Your answer is correct. Problem is linked to Java and not to the deployment toolkit.