Skip to main content

Reply to "Java uploader "allow access to the following application""

May help:

Starting with 7u45, application developers can specify new JAR manifest file attributes:
Application-Name: This attribute provides a secure title for your RIA.
Caller-Allowable-Codebase: This attribute specifies the codebase/locations from which JavaScript is allowed to call Applet classes.
JavaScript to Java calls will be allowed without any security dialog prompt only if:
JAR is signed by a trusted CA, has the Caller-Allowable-Codebase manifest entry and JavaScript runs on the domain that matches it.
JAR is unsigned and JavaScript calls happens from the same domain as the JAR location.
The JavaScript to Java (LiveConnect) security dialog prompt is shown once per Applet classLoader instance.
Application-Library-Allowable-Codebase: If the JNLP file or HTML page is in a different location than the JAR file, the Application-Library-Allowable-Codebase attribute identifies the locations from which your RIA can be expected to be started.
If the attribute is not present or if the attribute and location do not match, then the location of the JNLP file or HTML page is displayed in the security prompt shown to the user.
Note that the RIA can still be started in any of the above cases.
Restore Security Prompts:
A new button is available in the Java Control Panel (JCP) to clear previously remembered trust decisions. A trust decision occurs when the user has selected the Do not show this again option in a security prompt. To show prompts that were previously hidden, click Restore Security Prompts. When asked to confirm the selection, click Restore All. The next time an application is started, the security prompt for that application is shown.

Sooo... i did some digging. It turns out the problem is that Auctiva is not signing the JAR and adding the correct manifest entry. So... not a java problem, it's an Auctiva problem. I am looking into creating a Rule Set so I may not be annoyed anymore....

Nope, on second thought... not gonna do it. I would have to sign the ruleset jar and I'm not paying for that... let alone the pain to configure greasemonkey to replace the applet that is called on the auctiva page with my own...
Copyright © 1999-2018 All rights reserved.