[FoRK] Javascript plugins are now officially dead

Stephen D. Williams sdw at lig.net
Mon Feb 22 14:27:47 PST 2016

I tried to use that exception mechanism and it wouldn't work.  Try to play the Processing sketches here, even with exceptions:

Doesn't work for me for Firefox or Chrome on MacOSX.  For a while, now long ago, Java applets had a lot of advantages.  Once 
Javascript was optimized, and especially since it has been expanded and renovated several times while the security has been 
hardened, applets were weak but at least existing applets were useful.  Now users have to jump through hoops to use anything not 
signed properly (i.e. everything legacy).  That takes if from pretty much dying to definitely dying.

Since it is being strongly challenged on the backend (Node, Go, C++), the corporate momentum and Android are the only strong areas 
left.  And Android already has alternatives, with Javascript, go, and Swift all coming on strong.

On the other hand, GWT has been updated recently if you really have to have Java everywhere.  But you can't do the same things with 
that.  There has been no point in applets for a while, now it's over.


On 2/22/16 7:55 AM, Mark Day wrote:
> Hi Stephen,
> Not sure I agree. Looks like there's still a site-based exception mechanism to allow for legacy apps on a case-by-case basis. What would you see as a better way to provide motivation to move to a more-secure model?
> --Mark
> On Sun, 21 Feb 2016 20:46:06 -0800, "Stephen D. Williams" <sdw at lig.net> wrote:
>> What a punt, finally giving up on the sandbox apparently.  Oracle has now killed browser Java.  Limiting running code to that which
>> has been signed invalidates all existing deployment.  I guess we're going to need a cross-compile of the JVM to Javascript so that
>> we can run historical artifacts.
>> http://java.com/en/download/help/jcp_security.xml
>> Even exceptions are added to the Java Control Panel exceptions, which no user will do, it doesn't work.
>> sdw

More information about the FoRK mailing list