Hello,
I have tried the following ACL under the last squid 3.2.6 release to
block Java Applet if Java 7 version is update 01 to update 10 (Just
allowing Java 7 update 11).
acl Java_UA browser Java/1\.7\.0_0 Java/1\.7\.0_10
...
http_access deny Java_UA
...
deny_info ERR_JAVA_BROWSER Java_UA
With Java 7 release other than update 11 applet is effectively not
executed and update 11 are executed.
However it's not really OK :
- Customized HTML Error message ERR_JAVA_BROWSER is not displayed
I have tried first a simple HTML file for ERR_JAVA_BROWSER then an
Applet
displaying a message. Both don't work.
Thank's for help.
# cat ERR_JAVA_BROWSER
<html>
<head>
<title>
Java FTP
</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<h1>Java Check</h1>
<object type="application/x-java-applet"
title="Java Check"
code="JavaBrowser.class"
hspace="20"
vspace="5"
width="400"
height="80"
border="2"
standby="Chargement applet Java Check ..."
>
</object>
Your web browser use a vunerable Java 7 release.
Please update to update 11.
</body>
</html>
PS.
I known that update 11 is also non secure
Received on Fri Jan 25 2013 - 13:32:26 MST
This archive was generated by hypermail 2.2.0 : Fri Jan 25 2013 - 12:00:05 MST