Support | About Web Browsers


Information about configuration and security for Firefox and Internet Explorer.


Update Notice, 15 April 2015:
For browser/clients using JREs versions 8u40 or newer, SDS recommends updating VIP Servers to the new 8.0.D release. See details at "Java Applets, below."


Contents: Browsers & Versions Trusted Sites ActiveX AJAX support
Java Applets Cookies JavaScript Meta refresh
Popup windows Security for IE Status bar Tabbed browsing
The "Next-Generation" Java Plug-in

Browsers & Versions

Your browser is unidentified

Firefox is available free of charge at www.mozilla.com

Internet Explorer is available free of charge at www.microsoft.com/downloads

SDS does not support the Chrome browser as a client for SDS VitalSigns products, because Chrome does not support Java Applets. See How do I use Java with...Chrome and NPAPI plugins don't work on Chrome.

SDS does not support Opera as a client for VitalSigns products because Opera is not widely enough in use to merit testing. VitalSigns will probably work with Opera. We just don't test it.

Internet Explorer 11 can look like Internet Explorer 7, 8 9... For backward compatibility, any version of IE after IE 7 can be configured to look and behave like an earlier version. That is why a test of browser configuration can return IE 7, even though Help > About says IE 11. That compatibility mode can be changed in two places:

  • Press the F12 key. See the menu item Emulation
  • Select Tools > Compatibility View settings

Trusted sites

Naming trusted sites lets you specify looser security standards for web sites you know, without doing the same for strangers.

In Internet Explorer...

  1. Select Tools > Internet options > Security.
  2. Mouse-click on the Trusted sites icon trusted, then on the Sites button.
  3. At the first field, Add this Web site to the zone, enter the URL where you access the SDS Product Server, for example, www.yourCompany.com:8080.
  4. Mouse-click on the Add button.
  5. Do not check the box labeled Require server verification (https:)...
  6. Mouse-click on Close and OK.
^ return to top

ActiveX

ActiveX is the part of Internet Explorer that enables JavaScript to communicate with Java applets, and to create and submit HTTP requests, among other facilities. If an SDS Product Server shows you a message about a failure of ActiveX, proceed as follows:

In Internet Explorer...

  1. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  2. Make sure that trusted sites are allowed to use ActiveX. See Security for Internet Explorer, below.
^ return to top

AJAX support

AJAX, meaning Asynchronous JavaScript and XML, is an architecture or strategy for pulling new information into an existing web-browser display. It relies on the ability of JavaScript to send HTTP requests to servers, then use the response to alter the browser display, without reloading the entire web page. The SDS Product Server uses AJAX methods to acquire information about the SDS products installed on the Server. And the on-line help systems in SDS products often use AJAX methods to present help for whatever the product is currently displaying in a browser window. Like cookies, AJAX methods cannot cross domains. A web page at yourCompany.com can use AJAX methods to send requests to yourCompany.com only. Thus it does not pose a security risk. When an SDS Product Server gives you a message about a failure to find any SDS products on that server, or some other message about a failure regarding AJAX, HTTP requests, or XML parsing, proceed as follows:

In Internet Explorer...

  1. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  2. Make sure that trusted sites are allowed to use AJAX. See Security for Internet Explorer, below.
^ return to top

Java Applets

SDS products employ Java applets, small Java programs linked into web pages for display by web browsers. For security's sake, applet files (*.class) are packaged in Java ARchive (*.jar) files that include electronic signatures for authentication. Running applets requires that the client browser can access a Java Runtime Environment (JRE), also called a Java plug-in or Java Virtual Machine (JVM).

You are using:
operating system unknown
browser unknown
JRE version unknown

If you can see the red and green circles above, your browser supports applets packaged in signed *.jar archives.

The gray box above is a Java applet that has not yet run. For security, applets do not run until you specifically allow them. Right-click on the gray box; from the menu, select Activate. If there is no menu, your browser does not have access to a JRE; see the instructions at left.

SDS products further require that the client's JRE and the browser's JavaScript interpreter can communicate with each other. Enable applets as follows:

In Firefox...

  1. Install or re-install a JRE at the client machine. For instructions, see About Java.
  2. In a Firefox window, see Tools > Add-ons > Plugins.
  3. Look for an item named Java Platform....
  4. At the entry for Java Platform, select Always Activate or Ask to Activate. If there is no Java plugin, get and install one. See About Java.

In Internet Explorer...

  1. Install or re-install a JRE at the client machine. For instructions, see About Java.
  2. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  3. Make sure that trusted sites are allowed to use Java. See Security for Internet Explorer, below.
^ return to top

Cookies

Most SDS software that uses a browser interface requires that the browser be allowed to use cookies. The software functions poorly or not at all without them. A cookie is the one exception to the security rule that web sites cannot write to your client machine. If you configure your browser to accept cookies, the browser can create a text file on your hard drive. Cookies provide convenience to you. They save names, passwords, and session data, for example, as you navigate from one web page to another. But cookies also provide intelligence to advertisers. That is why users often configure their browsers to reject cookies. For security, browsers limit the number and size of the cookies they will save. They also provide controls that let users accept cookies from some sources, while rejecting cookies from others, as described below. Cookies come in three varieties:

  • Session cookies are ephemeral. The browser discards them once you leave a given web site, i.e. when you end the session. The other varieties of cookies specify an expiration date, and the browser saves them until that date.
  • First-party cookies are associated with the domain of a given web site. A first-party cookie written by a web page at yourcompany.com can only be read by a web page at yourcompany.com.
  • Third-party cookies can cross from one domain to another. A web page at publisher.com might display an advertisement from retailer.com, and retailer.com might read and write third-party cookies in the process.

SDS software often requires that a browser-client allow third-party cookies. But that is not because SDS is passing data from one domain to another. It is because, as a side-effect, blocking third-party cookies can also prevent Java applets from communicating with an SDS product server. Enable cookies for SDS products as follows:

In Firefox...cookies

  1. See Tools > Options > Privacy > History.
  2. From the menu named Firefox will, select Use custom settings for history.
  3. Check and select Accept cookies from sites, Accept third-party cookies: From visited, and Keep until: they expire.
  4. Click on the Exceptions... button. At the first field, Address of web site, enter the URL where you access the SDS Product Server, for example, www.yourCompany.com:8080.
  5. Click on Allow and Close.

In Internet Explorer...

First, list the SDS Server among your browser's Trusted Sites, see Trusted Sites, above. Second, proceed as follows:

  1. Select Tools > Internet options > Privacy.
  2. Click on the Sites button.
  3. At the first field, Address of website, enter the URL where you access the SDS Product Server, for example, www.yourCompany.com:8080.
  4. Click on Allow, OK, and OK.
^ return to top

JavaScript

JavaScript runs within browsers only. It does not have any power to otherwise affect your client machine. JavaScript is not the same as Java. It is similar, but not identical to, Microsoft's JScript. If JavaScript is disabled at your web browser, you will probably experience significant difficulty using this web site--www.sdsusa.com--as well as many other browser-based tools, include SDS products. The procedure described below will allow a browser to process the JavaScript codes in SDS products.

In Firefox...

  1. Direct the browser to the address about:config.
  2. Search for the word javascript
  3. Set javascript.enabled to true

In Internet Explorer...

  1. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  2. Make sure that trusted sites are allowed to use JavaScript. See Security for Internet Explorer, below.
^ return to top

Meta Refresh

The procedure described below will slightly loosen browser security. For an SDS Product Server, it will allow your browser to read a meta-refresh tag like the following:

<meta http-equiv="refresh" content="0;url=test.htm">

then send the browser forward to the page test.htm.

In Internet Explorer...

  1. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  2. Make sure that trusted sites are allowed to use meta refresh tags. See Security for Internet Explorer, below.

In Firefox...

  1. In the browser's address field, type about:config.
  2. That opens the Firefox configuration tool. In the search field, type refresh
  3. See the option accessibility.blockautorefresh. The value true means meta refresh is blocked.
  4. To change the value, double-click on it.
^ return to top

Pop-up Windows

SDS products require that a browser allow them to create new browser windows, a.k.a. pop-ups. Pop-ups may open in a new browser window, or in a new tab of the existing window. See the instructions below regarding Tabbed browsing. Set your browser to allow pop-ups as described below.

In Firefox...

  1. Select Tools > Options > Content.
  2. After the field Block pop-up windows, click on Exceptions...
  3. At the first field, Address of website, enter the URL where you access the SDS Server, for example, www.yourCompany.com:8080.
  4. Mouse-click on Allow, then Close.

In Internet Explorer...

First, list the SDS Server among your browser's Trusted Sites, see Trusted Sites, above. Second, proceed as follows:

  1. Select Tools > Pop-up Blocker > Pop-up Blocker settings.
  2. At the first field, Address of website to allow, enter the URL where you access the SDS Product Server. For example, www.yourCompany.com:8080.
  3. Mouse-click on Add, then Close.

The Google Toolbar may also block pop-ups, in addition to and regardless of pop-up settings in IE itself. If you have a Google Toolbar installed, prevent it from blocking a pop-up as follows:

  1. Navigate IE to the website in question, i.e. the site where the desired pop-up is blocked.
  2. Mouse-click on the pop-up icon and select from the menu: Always allow pop-ups from host.name. Google pop-ups

Other tools added onto IE may cause the same problem as the Google Toolbar. You can disable all such add-ons, also called "browser extensions," as follows:

  1. Select Tools > Internet options > Advanced.
  2. Scroll to Browsing, check box Enable third-party browser extensions*
  3. Mouse-click on the box to un-check it, empty box Enable third-party browser extensions*
  4. At the lower-right of the dialogue box, mouse-click on Apply and OK.
  5. Shut down and re-start the IE browser.
^ return to top

Security for Internet Explorer

When a client-server application fails to work properly with Internet Explorer, the first step is to adjust IE security as follows: First, list the SDS Server among your browser's Trusted Sites, see Trusted Sites, above. Second, set the security level for trusted sites to Low:

  1. Select Tools > Internet options > Security.
  2. Mouse-click on the Trusted sites icon trusted.
  3. At the lower-right of the panel, click on the button Default level.
  4. At Security level for this zone, drag the slider to the bottom, setting the security level to Low.
  5. Mouse-click on Apply and OK.

Or you can manually adjust IE's security parameters, as follows...

    1. Select Tools > Internet options > Security.
    2. Mouse-click on the Trusted sites icon trusted.
    3. Mouse-click on the Custom level... button.
    4. At a minimum, SDS products require that you select enable for the following options:

ActiveX controls and plug-ins

Run ActiveX controls and plug-ins

Allows Java applets to load, the Java JRE to run, and AJAX scripting to create HTTP requests.

If not enabled, and a page includes an applet, IE presents a warning bar at the top of the window.

Script ActiveX controls marked safe for scripting

Allows JavaScript to communicate with Java applets and the JRE.

Miscellaneous

Allow META REFRESH

For details, see the heading Meta refresh, above.

Scripting

Active scripting

Allows JavaScript to run.

Allow status bar updates via script

Allows JavaScript to write brief messages to the status bar.

  1. Mouse-click on OK > Yes > OK to return to the main browser window.
  2. Shut-down the browser and re-start it.
^ return to top

Status Bar

The status bar is the gray bar at the bottom of the browser window. Typically, web pages can use JavaScript to write brief messages to the status bar. But that access may be denied in your browser. To display the status bar and allow web pages to write messages there, proceed as follows:

In Firefox...

  1. Install the "Status-4-Evar" add-on.

In Internet Explorer...

view status
  1. Select View > Toolbars.
  2. If Status bar is not checked, select it.
  3. List the SDS Server among your browser's Trusted Sites, see Trusted Sites, above.
  4. Make sure that trusted sites are allowed to update the status bar. See Security for Internet Explorer, above.
^ return to top

Tabbed Browsing

When an SDS product opens a new browser window, that window might open in a new tab of the current window, or in new window separate from the current window. You can specify which you prefer. In particular, you may find it helpful to turn off tabbed browsing in order to use the help system built into SDS products. The help windows are intended to be read along-side live product displays, so that you can read the help and the data display at the same time. That's only possible if you disable tabbed browsing.

In Firefox...

  1. Select Tools > Options > General.
  2. uncheck box Uncheck the box labeled Open new windows in a new tab instead.

In Internet Explorer...

  1. Select Tools > Internet options > General.
  2. At the middle-right of the window, click on Tabs.
  3. Select Always opoen pop-ups in a new window.
  4. Click on OK and OK, then re-start the browser.
^ return to top