Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > News > Mac News > Apple adds site-specific controls to Java, updates Safari

Apple adds site-specific controls to Java, updates Safari
Thread Tools
MacNN Staff
Join Date: Jul 2012
Status: Offline
Reply With Quote
Apr 16, 2013, 09:00 PM
 
Apple on Tuesday updated both Java and its web browser Safari for users of OS X 10.6.8 (Snow Leopard) and higher. The updates now allow users to enable the Java web plug-in on a site-by-site basis, as opposed to the "active" or "inactive" options it had previously. Following a spate of serious issues, Apple forcibly disabled the Java plug-in because of malicious, in-use threats -- though users could reactivate Java once they updated.

Safari has now been updated to version 6.0.4 for OS X Lion and Mountain Lion (10.7.x and 10.8.x, respectively), and version 5.1.7 for Snow Leopard (10.6.8). The only listed change in the 6.x version is the ability of the browser to ask the user if they would like the Java plug-in activated for a particular site, having detected the use of Java on that page.

The intention is to make it easier for users to quickly add trusted sites that employ Java to the "whitelist" while keeping the plug-in inactive on unfamiliar or untrusted sites. Users can also manage settings, choosing to always allow Java on some sites and always block it on others, or ask on each occasion or allow on a one-time basis.

While Java has seen greatly-declining use on many web pages -- in part due to its ongoing security issues -- it is still required for some applets and other users on a variety of sites. For example, a casual game-player might want to keep Java "always on" when visiting a game site like pogo.com, but off for most other sites where Java isn't mandatory for the site's functionality. Safari will now show a "blocked plug-in" message where a Java element is present but not active, and should a serious security issue emerge in the present version Apple would likely disable the plug-in again until users updated to a patched version.

The Snow Leopard version of the latest Safari takes the opportunity to includes some addition updates and fixes. Version 5.1.7 improves performance when the system is low on memory, automatically disables versions of Adobe Flash that aren't up-to-date for security reasons (though it provides the option for users to download the latest version for their system), and fixes a pair of other bugs. One of the issues could prevent webpages from responding to the pinch-to-zoom gesture on trackpads or Magic Mouse devices, while the other affected some websites that used forms to authenticate users.

In addition, Apple has updated Java for system on 10.6.8 and later. For Snow Leopard, the update is called Java for Mac OS X 10.6 Update 15, and upgrades Java SE 6 to version 1.6.0_45 as well as enabling site-by-site control of the plug-in in connection. For Lion and Mountain Lion, the update is referred to as Java for OS X 2013-003 and again updates any installations of Java SE 6 to version 1.6.0_45.

On systems that haven't already installed Java for OS X 2012-006, the update will disable the Java SE 6 web plug-in completely (users will still have the option to update to the latest version of Java SE 7, or install the 2012-006 update). Java applets outside of web browsers will continue to function normally. Lion and Mountain Lion users can also install Java SE 7 directly from Oracle's website in order to run the most recent version of Java, which has already been updated to deal with the previous security threats. Apple does not post updates to Java SE 7, having relinquished responsibility for it to Oracle with the release of Lion.


( Last edited by NewsPoster; Apr 17, 2013 at 06:07 AM. )
     
Professional Poster
Join Date: Sep 1999
Location: Ottawa, ON, Canada
Status: Offline
Reply With Quote
Apr 17, 2013, 12:49 PM
 
This is a great feature. There are many institutions which require java clients for access to their systems.
     
Dedicated MacNNer
Join Date: Jan 2007
Location: SF
Status: Offline
Reply With Quote
Apr 17, 2013, 04:40 PM
 
in Java applets, where a text field is drawn on screen, but the actual active entry point is around half an inch higher, or it doesn't accept input at all.
The previous workaround was to move the applet window, or to command+tab to another application and back again.

No longer an issue!

Be aware that the disabling of a known vulnerable version of a Java component is still a possibility. This won't assure uninterrupted use of a significantly vulnerable Java component.
     
   
Thread Tools
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Top
Privacy Policy
All times are GMT -4. The time now is 05:30 AM.
All contents of these forums © 1995-2014 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2014, Jelsoft Enterprises Ltd., Content Relevant URLs by vBSEO 3.3.2