2 Replies Latest reply: Dec 31, 2012 2:59 AM by karthago RSS

    Blocking Java applet / <params> tag

    karthago

      Hi,

       

      i'm trying to block java applets in IE, which seems quite easy using the HTML.Element.Name / HTML.Element.Attribute properties.

      But how can i prevent this code from being executed (as demonstrated on http://www.w3.org/People/mimasa/test/object/java/):

       

      <p><object id="game3" classid="clsid:8AD9C840-044E-11D1-B3E9-00805F499D93"

      standby="The Java applet is loading..." height="500" width="800" name="game3"

      codebase="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0-win.cab">

      <param name="code" value="Othello.class">

      <param name="archive" value="Othello.jar">

      <param name="codebase" value="applets/">

      <param name="type" value="application/x-java-applet;version=1.4">

      Othello

      </object></p>

       

      Maybe blocking the "classid" attribute could do the job, but i would prefer accessing the values in the <param>-tag. Is this possible?

       

      Product Version is McAfee Web Gateway 7.1.6.

       

      Thanks for you help!!

        • 1. Re: Blocking Java applet / <params> tag
          eelsasser

          Using the HTML opener and stripping out the tags is one method of doing this, but an easier medod is to block the downloading of the java applet in the first place when the .class or .jar file is being downloaded initially.

           

          You can block Download Media Types of application/java-vm.

           

          Capture3.png

           

          This can prevent the downloading of the applets without having to manipulate the HTML

          Capture1.png

          Capture2.png

           

          The only challenge with this is if the applet has been previously cached on the PC, it doesn't download again and uses the cached version instead.

          So lcear your browser and java cache before testing to make sure it works.

           

          • 2. Re: Blocking Java applet / <params> tag
            karthago

            Thanks, this works for me. I will keep both the Media Type filtering and HTML filtering rule sets, because i want to display some user information in case an applet gets blocked - Media Type Filtering just blocks the java executable and the java vm stops loading / throws a java exception.

             

            HTML Filter:

            capture1.jpg