This sounds like a very good idea from Mozilla, any reasons why this shouldn't be implemented, or at least offered during install/upgrade, in future Pale Moon builds?
After all, it only affects the browser, other programs (thinking mainly business software here) can still use it.
It won't affect me, after seeing for myself that it's almost impossible to stop IE triggering a Java attempted exploit even when the Java plugin is disabled in IE, I no longer have Java installed!
Blocklisting Older Versions of Java
Forum rules
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Please keep everything here strictly on-topic.
This board is meant for Pale Moon source code development related subjects only like code snippets, patches, specific bugs, git, the repositories, etc.
This is not for tech support! Please do not post tech support questions in the "Development" board!
Please make sure not to use this board for support questions. Please post issues with specific websites, extensions, etc. in the relevant boards for those topics.
Please keep things on-topic as this forum will be used for reference for Pale Moon development. Expect topics that aren't relevant as such to be moved or deleted.
Re: Blocklisting Older Versions of Java
Thanks Cym. I knew about the problem already and it's a good idea to push it out through the blocklist, since the particular exploit seems to be popping up in the wild now.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Blocklisting Older Versions of Java
aaaand... pushed.
Everyone will get an update within a day.
Everyone will get an update within a day.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Blocklisting Older Versions of Java
I'm pleased you're pushing it 
It may have been that same exploit that I was testing PM and IE against with Java disabled - Pale Moon won (forewarned by Google's Safe Browsing anyway), Windows, esp. IE9+SmartScreenFilter lost - badly.Moonchild wrote: ... since the particular exploit seems to be popping up in the wild now.
Re: Blocklisting Older Versions of Java
I'd better make a Facebook/Twitter post about it before people start screaming that their java is blocked...
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Blocklisting Older Versions of Java
Does the update-checker check for the existence of the Java plugin? I just did an update check from 2 machines and they're both up to date - but I don't have Java now anyway.
Maybe the push isn't active yet?
And the Mozilla plugincheck page still says: "Missing JAVA? For your safety, Firefox has disabled your outdated version of Java. Please upgrade to the latest version.".
No it didn't disable Java, I don't have it installed, I don't want Java!
I wish they'd rephrase it to something like: "If your browser really needs to use Java for certain websites or functions, please uninstall all older versions before installing the latest version.", I know they need to try to keep it simple but it reads almost as if you MUST run Java
Maybe the push isn't active yet?
And the Mozilla plugincheck page still says: "Missing JAVA? For your safety, Firefox has disabled your outdated version of Java. Please upgrade to the latest version.".
No it didn't disable Java, I don't have it installed, I don't want Java!
I wish they'd rephrase it to something like: "If your browser really needs to use Java for certain websites or functions, please uninstall all older versions before installing the latest version.", I know they need to try to keep it simple but it reads almost as if you MUST run Java
Re: Blocklisting Older Versions of Java
The push is active, but it depends on when your browser last updated the blocklist from the server.
If you don't have the java plugin installed, you won't get a message.
As for your error, I'm not sure that that is all about -- probably AMO being a derp again.
If you don't have the java plugin installed, you won't get a message.
As for your error, I'm not sure that that is all about -- probably AMO being a derp again.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Blocklisting Older Versions of Java
I don't think it's an error message, it feels more like their standard blurb if no Java's detected or the plugin's disabled. I checked using my XP laptop with same result and that's never had any Java (or .NET to show I'm not biased ^^) installed.Moonchild wrote:As for your error, I'm not sure that that is all about -- probably AMO being a derp again.
Re: Blocklisting Older Versions of Java
Ah so it's lazy - "no java detected = show the message, because *everyone* has Java, right?"
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite
Re: Blocklisting Older Versions of Java
That's my feeling, yes. From a security standpoint, I'd say that's "A very bad thing".Moonchild wrote:Ah so it's lazy - "no java detected = show the message, because *everyone* has Java, right?"
Re: Blocklisting Older Versions of Java
Ah, it's only going through tools > ... > plugincheck that I see the Java thing - accessing https://www.mozilla.org/en-US/plugincheck/ directly says nothing about Java.