为提升您的使用体验,本站正在维护,部分功能暂时无法使用。如果本站文章无法解决您的问题,您想要向社区提问的话,请到 Twitter 上的 @FirefoxSupport 或 Reddit 上的 /r/firefox 提问,我们的支持社区将会很快回复您的疑问。

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

话题已关闭并存档。 如果需要帮助请提出新问题。

FF blocks Java 7 update 45. Why? Explanation regards 7U11.

  • 9 个回答
  • 171 人有此问题
  • 5 次查看
  • 最后回复者为 philipp

more options

Have installed Java 7 update 45. Have both 32- and 64-bit versions installed from Oracle website.

Works in Chrome.

Firefox 24.0 displays error message stating that the Java plugin has known vulnerabilities.

On the support page there is a link to this explanation from January 2013 which regards Java 7 update 11. https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/

Does anyone have a permanent fix and preferably an explanation for this?

I know how to allow Java to run once as well as always on a specific site https://support.mozilla.org/en-US/kb/how-to-enable-java-if-its-been-blocked

What I'm wondering is why Firefox still blocks Java per default when Java has been updated many times since the explanation was written.

Thanks a bunch!

Have installed Java 7 update 45. Have both 32- and 64-bit versions installed from Oracle website. Works in Chrome. Firefox 24.0 displays error message stating that the Java plugin has known vulnerabilities. On the support page there is a link to this explanation from January 2013 which regards Java 7 update 11. https://blog.mozilla.org/security/2013/01/11/protecting-users-against-java-vulnerability/ Does anyone have a permanent fix and preferably an explanation for this? I know how to allow Java to run once as well as always on a specific site https://support.mozilla.org/en-US/kb/how-to-enable-java-if-its-been-blocked What I'm wondering is why Firefox still blocks Java per default when Java has been updated many times since the explanation was written. Thanks a bunch!

被采纳的解决方案

hello mort3n, from now on all versions of the java plugin (also the nominally most current ones) will be considered vulnerable by firefox and blocked per default. that's because of oracle's poor security record in the past, like sitting on unfixed vulnerabilities for months...

定位到答案原位置 👍 38

所有回复 (9)

more options

选择的解决方案

hello mort3n, from now on all versions of the java plugin (also the nominally most current ones) will be considered vulnerable by firefox and blocked per default. that's because of oracle's poor security record in the past, like sitting on unfixed vulnerabilities for months...

由philipp于修改

more options

hi philipp Thanks for your answer.

That infomation should be on the Firefox support page or even right in the browser error messages to avoid users spending time trying to solve a problem that cannot be solved.

Thanks again.

more options

thanks for the feedback, i'll see if we can get that updated information into the support articles quickly.

more options

Although I like this idea, you (Firefox dev) still need to provide a way to enable the plugin regardless.

I have already encountered 2 cases which break the user experience without giving an option to activate the plugin: 1. you're using Raritan for out-of-band management of computers 2. you're using HP iLO for out-of-band management of computers

in both cases Firefox does not present me with an option to enable Java. HP iLO uses javascript to call the applet. Raritan calls the applet from some other frame on login, and who knows what the applets are doing in the background.

I can't tell HP or any other vendor to switch their code to something else. Firefox should give me an option to enable Java or I'll have to switch to another browser. At that point, what's the use for Firefox? I can simply stay on the other browser forever.

The way this is currently implemented is breaking things. Fix it.

more options

hello lemsx just to avoid any misconceptions - we volunteers here in the support forums are mainly users like you (developers won't read here), so we cannot directly influence those decisions or changes.

the blocking is to be reverted in the meantime anyway because there have been bugs found on other webpages where the interface to activate the plugin momentarily wasn't shown properly. if you have other examples of sites where click-to-play is not working correctly, please file a bug at bugzilla.mozilla.org like it is requested at https://bugzilla.mozilla.org/show_bug.cgi?id=914690#c50, so it can be taken care of properly in a future version of the blocklisting. thank you!

more options

Philipp,

Thanks for the response... I realize now that the option to re-enable the plugin is shown if the toolbar for the address is shown. This is not the case for all users, one can simply deactivate all the toolbars (as I do since I use Vimperator extension).

That said, after reading through the documentation I was able to noticed that their is a new way to activate plugins which is only shown on the address bar!

On your note, developers should be reading these forums to get a feel for how good or bad they are breaking things for us the users. However, you're right and I should just file a bugzilla bug. Thanks

more options

How can I get Java(TM) Platform SE 7 U45 10.45.2.18 back into my Add-on's. It is missing from my Add-on list. I cannot find it to download. I have reinstalled Firefox, all to no avail. I have it on my laptop and Java works when I turn it on. Any suggestions

more options

I can't get Java to work for the following: http://jesnetplus.com/~rickynumber24/pq.html

My Java plug-in is set to "Ask to activate". Clicking on the little battery widget in the address bar shows

"Java(TM) Platform SE 7 U" is enabled on jesnetplus.com

However, I only get a pop-up with

Application Blocked. Click for details Your security settings have blocked an untrusted application from running.

Clicking on the "Details" button just brings up the Java Console: Java Plug-in 10.51.2.13

Clicking on either "Ignore" or "Reload" does nothing.

So I have two questions: 1) How do I get the details that really tell me what's blocking this applet? 2) How do I un-block the applet?

more options

hello Curmudgeon3, your issue with java 7 U51 is a separate one than originally discussed here. the message you were referring to isn't coming from firefox but from the java plugin itself - please refer to oracle's documentation: http://www.java.com/en/download/help/appsecuritydialogs.xml

thank you!