On 10/10/2013 3:46 PM, Thierry Milard wrote:
Benjamin, here is my description of the java Plugin activation issue I
do have.
*
*
*1) Warning sign not displayd upper left when applet is in the middle*
The "No entry sign" is displaid on the upper left of the html page,
not placed where my java programm is placed.
I do not understand why.
This is surprising. Can you file a bug (cc me) with a minimal testcase?
*
*
*2) "A red no entry sign" is too radical for recent java player I think.*
My users give me a phone call to tell me "No way I will accept to
install your software with this red warning"... Even the people who
know me, tell me they got so scared they have really hesitated to
accept java. Now I do understand at a time when java had urgent
security issue this scary red-message was necessary. But I really wish
that Firefox checks the java version installed ... and give a
less-scary-warning-sign if the user has a recent java version (like
the latest on java 1.7 update 30).
We fundamentally disagree about the risks of the Java plugin. We believe
the Java plugin is unsafe, and we want to present that to our users.
I don't see this kind of scary warning signs for Flash player, is it ?
No. We work closely with the Flash team on security issues, and we have
much greater confidence that security issues are handled promptly.
*3) My (jnlp) script that checks the java version [for security] is
crushed by click-to-run firefox system.*
Here is my behavior : I check that the user has the latest java. If it
has an old, I redirect the page to java.com <http://java.com> dowlod
page, so he can downloads the latest java.
This is my script.
Now the result with firefox blocking java from the start gives this :
- When a users that HAS-THE-LATEST-java opens my page, my script
detect (wrongly) .... NO JAVA INSTALLED-- and it opens the java.com
<http://java.com> dowload page.
Shit, I am scared : The user has only halp a second to click on
the url to "accept the plugin", before it refrehes to java.com
<http://java.com> page.
You need to fix your site. There are a couple of signals here:
* if ('application/x-java-applet' in navigator.mimeTypes) then the user
has a Java plugin installed
* your code should not create a plugin and immediately try to script it.
Instead you should create the plugin and the plugin should make a
callback into the browser to inform the browser when it has been
created. This is important not only for click-to-play, but because
browsers may choose to asynchronously create a plugin and you don't want
to have race conditions.
*4) Plugin activation is only on the (left of) URL, sadly not elsewhere:*
The biggest complains I have is that I do not see a second place in
Firefox (rather than at the left of url) where I can manually say :
"allow and remember to accept java plugin the web site-site
www.xxxx.xyz"'. Because in my case www.free-visit.com
<http://www.free-visit.com> (and also of www.sweethome3d.com
<http://www.sweethome3d.com> ) there is no time to click on the url.
I don't understand what you mean. The normal activation method is for
the user to click on the blocked plugin itself. This opens up the menu
and allows the user to choose "Allow Now" or "Allow Always" for your site.
--BDS
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
