Java is a programming language owned by Oracle Corp. It’s used to allow web servers to interact with individual users through their browser. An example is zipForm® 6 Professional, which has server-side coding in Java to allow users to view forms. To use zipForm®, you must download and install a Java plug-in from Oracle into your web browser (Firefox, Chrome, Internet Explorer, Safari, etc.).
Recently, a series of Java security vulnerabilities in these plug-ins have been revealed. If you’re running an outdated Java plug-in and you visit a website running Java with malicious code, your computer could get infected. This problem isn’t limited to Java – new vulnerabilities pop up every day, which is why you’re constantly getting prompted to update your operating system or applications. But Java has been popular with the hackers lately.
Some security experts have criticized Oracle (and Adobe Systems, for that matter) for not anticipating vulnerabilities and being slow to address them. Since the beginning of 2013, Oracle has been challenged on nearly a weekly basis to update the Java plug-in. One software developer (Apple Computer) has even begun issuing software updates with Java support on its Safari browser disabled! To our knowledge, Safari is the only browser which has disabled Java by default.
HTML5 is the latest revision of the basic language of web pages. Web servers of all types use HTML code to express content on users’ computers through their browser. In other words, when you go web surfing, you connect your computer to a web server and most of the text, pictures, sounds and other content you see is interpreted and displayed via your browser using HTML code. However, prior to HTML5 multimedia content like Java or Flash required a plug-in.
One big advantage being touted for HTML5 is that it’s can show multimedia content without relying on plug-ins. HTML5 is a work in progress – the version released toward the end of 2012 is stable, but revisions are planned for the next year or two. Most common browsers support HTML5, but it’s likely that we’ll see differences (i.e., bugs) in how each browser interprets HTML5 for a little while.
HTML5 is especially important to Apple Computer, because the company chose not to support Java and Flash on its mobile devices. On the one hand, Adobe has suggested that Apple is limiting access to their App Store by not supporting these common, highly popular services; on the other, in April 2010, Steve Jobs presented an eloquent rebuttal (http://www.apple.com/hotnews/thoughts-on-flash/) to the notion that money was involved. Regardless of where you land on the issue, Mr. Jobs made it clear how important HTML5 is to Apple’s future.
zipForm® and Apple devices
As mentioned earlier, the recent spate of Java vulnerabilities has resulted in Apple “turning off” Java support in Safari. The chances of running across a website with “bad” Java code are fairly slim, but apparently Apple’s position is that the risk is too high and they disabled the plug-in. The net result is that safe Java websites like zipForm® are affected, too. Generally, Safari users can manually turn Java back on or switch to a different browser, but it’s confusing and irritating.
Of course the ideal solution is for zipLogix (the creator of zipForm®) to move completely away from requiring Java for zipForm® Professional. In private discussions last July, zipLogix confirmed it had started a full rewrite to transition zipForm® to HTLM5 . The AAR e-Forms Workgroup saw an early demo in October of 2012 and were told release was planned for early in the second quarter of 2013. Considering that stable versions of HTML5 have been around less than a year, this schedule seems reasonable.
Meanwhile, zipForm® users with Macs will have to navigate the issues between Java and Safari for the next few months. zipLogix keeps the latest info up at http://support.zipform.com/java/. Also, the AAR Business Services team is happy to help at (866) 833-7357 or firstname.lastname@example.org.
If you have questions or comments, please contact me.