New Safari 10.0.2 is disabling Flash and Silverlight. Script or Manage Pref to re-enable?

NealIV
Contributor

Updated all my Macs in the environment and Safari security settings is disabling Flash and Silverlight. How can I re-enable this via Casper?

11 REPLIES 11

mm2270
Legendary Contributor III

Question: Is it disabling the plug-ins because they are out of date? Or are the plug-ins fully up to date and Safari is still disabling them?

What version of Safari is this happening on?

NealIV
Contributor

10.0.2 and the plugins are up to date.

guidotti
Contributor II

Try some of the config profile logic from here:
https://www.jamf.com/jamf-nation/discussions/21795/enable-flash-player-plugin-in-safari-with-script

SGill
Contributor III

Latest Safari is 10.0.3

NealIV
Contributor

i can't be the only one experiencing this.

andreassauer
New Contributor II

Hi there, I updated yesterday from 10.12.2 to 10.12.3 with Safari 10.0.3.
Silverlight (5.1.50901.0) and Flash-Plug-In (24.0.0.194) are still activated.

rvelasco212
New Contributor II

To be clear are you talking about the per site 'Ask' or allow for All ('On') setting for the Flash plugin? Where if it is set to 'Ask' the sites will appear in the list (as seen on the screenshot). Though I've encountered sites where no prompt appears when viewing the page and I have to enable it manually in Safari's Internet Plug-in setting.

3111fd447d7c4076bb5bb0587f01f82b

Chris_Hafner
Valued Contributor II

If it makes you feel any better this is happening with Citrix Receiver. While I don't normally find myself venturing down this route, we're educating our users as to the cause and reason behind it. Hopefully, we can start negotiating our way away from or around these technologies.

easyedc
Valued Contributor II

You're not the only one experiencing it, but I'll +1 for managing certain sites via a custom configuration profile to keep certain plugins active. For instance, we push a forced profile that keeps java enabled and trusted for our VPN site. After that, it's up to the user. This resolved the issues for our corporate assets, but we get frequent tickets to our help desk for BYO workstations using Citrix Receiver, for instance.

cdev
Contributor III

We've seen the same thing and have gone the route of a configuration profile to set the default behavior with the plugins, as well as pre-configure a few specific hosts which require additional/different settings.

Gonzalez
New Contributor III

@NealIV While I generally recommend the configuration profile solution, do to a previous bug with AD bound Macs the following script is how I manage this. The script is a variation of @gregneagle python script found here: https://gist.github.com/gregneagle/55ef3a0c0232074a1f58

You will have to run this script as the user.

#!/usr/bin/python

##########################################################################
#
# Very basic settings required to allow X applications 

import CoreFoundation
from Foundation import NSDate
from Foundation import NSMutableArray, NSMutableDictionary

import subprocess

#read 
policy = CoreFoundation.CFPreferencesCopyAppValue(
         "PlugInInfo", "com.apple.Safari")

# testing output         
# print policy

    # policy is an immutable dict,
    # so we have to make a mutable copy
my_policy = NSMutableDictionary.alloc(
        ).initWithDictionary_copyItems_(policy, True)

# Set plugiInCurrentState to on for Meidas applications

if 'com.oracle.java.JavaAppletPlugin' in my_policy:
    # make a mutable copy of the dict
    current_dict = my_policy[
        'com.oracle.java.JavaAppletPlugin']
    my_policy['com.oracle.java.JavaAppletPlugin'] = (
        NSMutableDictionary.alloc(
            ).initWithDictionary_copyItems_(
                current_dict, True))
    my_policy["com.oracle.java.JavaAppletPlugin"]["plugInCurrentState"] = True

if 'com.cisco_webex.plugin.gpc64' in my_policy:
    # make a mutable copy of the dict
    current_dict = my_policy[
        'com.cisco_webex.plugin.gpc64']
    my_policy['com.cisco_webex.plugin.gpc64'] = (
        NSMutableDictionary.alloc(
            ).initWithDictionary_copyItems_(
                current_dict, True))        
    my_policy["com.cisco_webex.plugin.gpc64"]["plugInCurrentState"] = True

if 'com.macromedia.Flash Player.plugin' in my_policy:
    # make a mutable copy of the dict
    current_dict = my_policy[
        'com.macromedia.Flash Player.plugin']
    my_policy['com.macromedia.Flash Player.plugin'] = (
        NSMutableDictionary.alloc(
            ).initWithDictionary_copyItems_(
                current_dict, True))        
    my_policy["com.macromedia.Flash Player.plugin"]["plugInCurrentState"] = True

# testing output 
# print my_policy             

# set the changed preference
CoreFoundation.CFPreferencesSetAppValue(
    'PlugInInfo', my_policy, 'com.apple.Safari')

# set root preferences
CoreFoundation.CFPreferencesSetAppValue(
    'com.apple.Safari.ContentPageGroupIdentifier.WebKit2JavaScriptEnabled', True, 'com.apple.Safari')

CoreFoundation.CFPreferencesSetAppValue(
    'com.apple.Safari.ContentPageGroupIdentifier.WebKit2JavaScriptCanOpenWindowsAutomatically', True, 'com.apple.Safari')

CoreFoundation.CFPreferencesSetAppValue(
    'BlockStoragePolicy', 1, 'com.apple.Safari')

CoreFoundation.CFPreferencesSetAppValue(
    'com.apple.Safari.ContentPageGroupIdentifier.WebKit2StorageBlockingPolicy', 0, 'com.apple.Safari')

# Shutdown Safari before saving settings
# check to see if Safari is running
subprocess.call(['osascript', '-e', 'tell application "Safari" to quit'])

# Save write to 
CoreFoundation.CFPreferencesAppSynchronize(
    'com.apple.Safari')