Hi,
The
answer in one sentece:
This is something that depends on the behaviour of the java plugin,
the current default security restrictions (from 7u25 in Java7 and
from 6u51 in Java6 ) disable the javascript to java communication in
java versions older than 7u51 and 6u71.
The
detailed answer:
That is the defined behaviour of the java plugin, you can find more
information about the security baseline and its impacts here:
https://blogs.oracle.com/java-platform-group/entry/updated_security_baseline_7u45_impacts />
The current security baseline is 7u51 and 6u71, which means that the
liveconnect feature (which serves the javascript to java
communication) is disabled. Marvin applets are signed with a trusted
certificate issued by a Root Certificate Authority so the signing is
not a problem with the applet, but the missing of the liveconnect
feature is.
This is the default behaviour when the security baseline is
increased, as it happened now.
The security baseline has two components, one of them is an online
check for the current security baseline version, if the client
version is lower then the baseline, the liveconnect feature is
disabled. The other is an exact date, which is February 14 2014 for
the 7u45 java plugin, after that date clients that can not reach the
oracle servers to query the current security baseline, are also will
disable the liveconnect feature with the default security level
which is High. About security levels you can find info here: http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/jcp.html#security />
What to do?
If your Java version is affected, you have to upgrade your Java
plugin to the latest version (currently it is 7u51).
Regards,
István Őri