So I was testing timedmediahandler on computers at my university (I figure they represent a fairly common config).
On MSIE:
*I hit play button on an audio file
*Goes to java cortado fallback as it should
*Prompt comes up saying my java is out-dated
*I click continue anyways
*Pop up says applet is blocked by your security settings (My security setting is "high" which is the default. Apparently this blocks all unsigned java applets when you need an upgrade.
There's probably a good portion of our user base using old java. Signing the applet should get around this. There's a signed version at http://theora.org/cortado.jar, in my experiments, the copy of IE I did the test on successfully loaded this version (After a are you sure prompt).
We could potentially just use this signed version, however it would probably be ideal if instead Wikimedia signed the applet we serve, as then the publisher would be listed as "Wikimedia", so people would be more likely to trust it vs a publisher as some random person.
See also: http://www.java.com/en/download/help/jcp_security.xml
Version: unspecified
Severity: normal
See Also:
https://rt.wikimedia.org/SelfService/Display.html?id=7695