On 31 Jul 2012, at 08:15, Rzepa Henry <[email protected]> wrote:

> 
> On 26 Jul 2012, at 11:32, "Greeves, Nick" <[email protected]> wrote:
> 
> 
> Can anyone reproduce this? Although doing the above allows OS X Mountain
> Lion to run signed Jmol from a remote server, trying to run the same from a
> local hard drive produces the message "You do not have Java applets enabled
> in your web browser, or your browser is blocking this applet" (which comes
> from jmol.js). I have tried this on two quite separate Mountain Lion
> installs with the same result.
> 
> However, it is specific to Safari; Chrome and Firefox are fine on the same
> systems (i.e. Java is present).
> 


I have found an answer to my own question. There is a new setting in Safari,
accessed only through the developer menu (which is off by default), called
"Disable local file restrictions". It would appear that Apple, via Safari, is
now implementing a sandboxing policy by default, which in effect allows Safari
access only to its own trusted files (this policy taken from iOS).
Apparently, if a Java applet is local, it does not (by default) belong to the
Safari sandbox, and hence is prevented from running within the Java virtual
environment in that browser.

I guess Apple was stung by a Mac Trojan a month or so back which was embedded
in a Java applet, and has decided that local applets have by default to be
treated as potential security vectors. Let's hope that this entry in the
developers menu continues to remain. I have to wonder whether third-party
developers such as Google (Chrome) and Mozilla (Firefox) will be forced by
Apple to adopt similar policies on OS X. Thus for example, if you want to take
advantage of another recently introduced technology, Apple's cloud, you only
have access to the API if you distribute via their App Store. Currently, And
the cloud is similarly sandboxed. Chrome and Firefox are not distributed in
this manner.

I am also intrigued by how WebGL can only be switched on in iOS by having
access to an Apple ID which is registered as a developer. No normal user can
switch WebGL on. I read somewhere that, like Java, there may be subtle
security issues hidden in the use of WebGL (although this does sound
far-fetched). I mention WebGL because Bob's excellent merging of scripts for both
Jmol and GLMol is only effective if WebGL is on (i.e. not possible for
regular users of iOS). Has anyone yet spotted any WebGL on by default in
Android-land? Does it have to be switched on there by invoking developer mode
again?
_______________________________________________
Jmol-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jmol-users
