Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

이 쓰레드는 잠기고 보존되었습니다. 만약 도움이 필요하시면 새로운 질문을 올려주세요.

FF blocks Java 7 update 45. Why? Explanation regards 7U11.

  • 9 답장
  • 171 이 문제를 만남
  • 1 보기
  • 최종 답변자: philipp

more options

Have installed Java 7 update 45. Have both 32- and 64-bit versions installed from Oracle website.

Works in Chrome.

Firefox 24.0 displays error message stating that the Java plugin has known vulnerabilities.

On the support page there is a link to this explanation from January 2013 which regards Java 7 update 11. https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/

Does anyone have a permanent fix and preferably an explanation for this?

I know how to allow Java to run once as well as always on a specific site https://support.mozilla.org/en-US/kb/how-to-enable-java-if-its-been-blocked

What I'm wondering is why Firefox still blocks Java per default when Java has been updated many times since the explanation was written.

Thanks a bunch!

Have installed Java 7 update 45. Have both 32- and 64-bit versions installed from Oracle website. Works in Chrome. Firefox 24.0 displays error message stating that the Java plugin has known vulnerabilities. On the support page there is a link to this explanation from January 2013 which regards Java 7 update 11. https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/ Does anyone have a permanent fix and preferably an explanation for this? I know how to allow Java to run once as well as always on a specific site https://support.mozilla.org/en-US/kb/how-to-enable-java-if-its-been-blocked What I'm wondering is why Firefox still blocks Java per default when Java has been updated many times since the explanation was written. Thanks a bunch!

선택된 해결법

hello mort3n, from now on all versions of the java plugin (also the nominally most current ones) will be considered vulnerable by firefox and blocked per default. that's because of oracle's poor security record in the past, like sitting on unfixed vulnerabilities for months...

문맥에 따라 이 답변을 읽어주세요 👍 38

모든 댓글 (9)

more options

선택된 해결법

hello mort3n, from now on all versions of the java plugin (also the nominally most current ones) will be considered vulnerable by firefox and blocked per default. that's because of oracle's poor security record in the past, like sitting on unfixed vulnerabilities for months...

글쓴이 philipp 수정일시

more options

hi philipp Thanks for your answer.

That infomation should be on the Firefox support page or even right in the browser error messages to avoid users spending time trying to solve a problem that cannot be solved.

Thanks again.

more options

thanks for the feedback, i'll see if we can get that updated information into the support articles quickly.

more options

Although I like this idea, you (Firefox dev) still need to provide a way to enable the plugin regardless.

I have already encountered 2 cases which break the user experience without giving an option to activate the plugin: 1. you're using Raritan for out-of-band management of computers 2. you're using HP iLO for out-of-band management of computers

in both cases Firefox does not present me with an option to enable Java. HP iLO uses javascript to call the applet. Raritan calls the applet from some other frame on login, and who knows what the applets are doing in the background.

I can't tell HP or any other vendor to switch their code to something else. Firefox should give me an option to enable Java or I'll have to switch to another browser. At that point, what's the use for Firefox? I can simply stay on the other browser forever.

The way this is currently implemented is breaking things. Fix it.

more options

hello lemsx just to avoid any misconceptions - we volunteers here in the support forums are mainly users like you (developers won't read here), so we cannot directly influence those decisions or changes.

the blocking is to be reverted in the meantime anyway because there have been bugs found on other webpages where the interface to activate the plugin momentarily wasn't shown properly. if you have other examples of sites where click-to-play is not working correctly, please file a bug at bugzilla.mozilla.org like it is requested at https://bugzilla.mozilla.org/show_bug.cgi?id=914690#c50, so it can be taken care of properly in a future version of the blocklisting. thank you!

more options

Philipp,

Thanks for the response... I realize now that the option to re-enable the plugin is shown if the toolbar for the address is shown. This is not the case for all users, one can simply deactivate all the toolbars (as I do since I use Vimperator extension).

That said, after reading through the documentation I was able to noticed that their is a new way to activate plugins which is only shown on the address bar!

On your note, developers should be reading these forums to get a feel for how good or bad they are breaking things for us the users. However, you're right and I should just file a bugzilla bug. Thanks

more options

How can I get Java(TM) Platform SE 7 U45 10.45.2.18 back into my Add-on's. It is missing from my Add-on list. I cannot find it to download. I have reinstalled Firefox, all to no avail. I have it on my laptop and Java works when I turn it on. Any suggestions

more options

I can't get Java to work for the following: http://jesnetplus.com/~rickynumber24/pq.html

My Java plug-in is set to "Ask to activate". Clicking on the little battery widget in the address bar shows

"Java(TM) Platform SE 7 U" is enabled on jesnetplus.com

However, I only get a pop-up with

Application Blocked. Click for details Your security settings have blocked an untrusted application from running.

Clicking on the "Details" button just brings up the Java Console: Java Plug-in 10.51.2.13

Clicking on either "Ignore" or "Reload" does nothing.

So I have two questions: 1) How do I get the details that really tell me what's blocking this applet? 2) How do I un-block the applet?

more options

hello Curmudgeon3, your issue with java 7 U51 is a separate one than originally discussed here. the message you were referring to isn't coming from firefox but from the java plugin itself - please refer to oracle's documentation: http://www.java.com/en/download/help/appsecuritydialogs.xml

thank you!