2. change security.enable_java to false
3. quit browser
expect security.enable_java to remain false.
actual security.enable_java is still true.
Mac OS, but not Windows. Not sure about Linux.
This has security implications since it makes it difficult(impossible?) to disable java on mac os x.
Forgot to mention: trunk and 1.5 exhibit the same problem.
Have you tried a fresh profile just in case it's some corruption that prevents saving prefs.js (java is enabled by default)? Or a different Mac altogether?
What if you use the Options dialog UI for disabling Java? (Probably the same)
What if you manually edit all.js to turn java off?
Could it be something in the JEP that won't let Java be turned off? That's the main Java difference between Mac and the other platforms.
> Could it be something in the JEP that won't let Java be turned off?
No. The JEP never alters (or even looks at) browser settings.
And in any case I'm not able to reproduce this with Firefox 1.5. Later on
(maybe tonight) I'll try it with the latest branch and trunk nightlies.
(In reply to comment #2)
> Have you tried a fresh profile just in case it's some corruption that prevents
> saving prefs.js (java is enabled by default)? Or a different Mac altogether?
I tried with a new profile and could not reproduce the problem in Firefox 1.5. about:config and Options dialog both worked and persisted the setting after shutdown and restart of the browser.
WFM? Is the profile issue worth investigating?
I just failed to reproduce this with any of today's three Firefox nightlies --
firefox-2006-01-09-03-mozilla1.8.0, firefox-2006-01-09-04-mozilla1.8 and
firefox-2006-01-09-05-trunk (i.e. DeerPark).
Reporter, did you check the permissions (and ownership) on the prefs.js file
in your old profile (or on the directory structure itself)? Restrictive
permissions might explain the problem you saw.
Otherwise I suspect this should just be marked WFM.
this is not security sensitive hiding this report only restricts our qa from investigating.
Could you also look at bug 318677, and remove that bug's security flag if you
think that's appropriate?
What branches does this repro on?
'security.enable_java' preference doesn't exist anymore.