Topic: Davis' Java Ticker Security Warning

[Gretnawx]

This isn't strictly speaking a WeatherLink issue but seems relevant enough to this board.   Some of us like using the Davis ticker to scroll annual/monthly extremes across our web pages but the current releases of Java pop-up a security warning/prompt whenever a page running the Davis Ticker app is accessed.  The warning requires acceptance of the security risk and also states in bold red type that future releases of Java will not support unsigned apps at all.  This would likely render the Davis Ticker useless unless it gets updated to a signed application.  I've e-mailed Davis tech support on this and will report back with their response.  In the meantime does anyone know a workaround or Java setting I can change to disable that security pop-up?  Thanks.

[saratogaWX]

Longer term, it would be much better to replace the Davis Java applet with a native JavaScript and just avoid the Java engine vulnerabilities entirely (especially if that is the only applet used on your site).

May I suggest one of the free scripts from http://www.dynamicdrive.com/dynamicindex2/

Most security professionals now recommend removing Java from your browser due to the large number of security issues in the last year (and the great number of exploits succeeding against older versions of Java).

Best regards,
Ken

[Gretnawx]

Looks like some good possibilities on that site.  I will attempt to get one of them working.  Thanks!

[Gretnawx]

I did finally get a reply from Davis (below) and not surprisingly there are no near term plans to update their Java ticker utility.  I was able to get one of the javascript options to work so the issue is OBE for me...

"At this time, there is no plan to make changes to the ticker.  However, I’ll be sure to share your concern so It can be considered for future releases.
I hope I answered all your questions.  If you need additional assistance, please feel free to contact us @ 510-732-7814, Monday-Friday, 7am – 5:30pm PST.
Have a great day!"

[RayF]

I got a reply too. Here's the dialog:

Ray: I and others are getting security warnings for using the davisticker.class to scroll our weather station data on our web pages. Do you have a simple step-by-step solution?

Davis Tech Support: The Security warning are by virtue of Java, who set up the Davisticker. The only suggestion is to allow your firewall to allow the warnings.

Ray: I can allow them but everyone else who visits my site who gets the warning will leave. It would seem to me that Davis would provide a solution as suggested by Ken True in the WX Forum “May I suggest one of the free scripts from http://www.dynamicdrive.com/dynamicindex2/. I don’t have the expertise to select and implement one of the scripts so unless Davis does I will have to remove the ticker tape. Please let me know if you plan to solve the issue or if not so I can remove the ticker tape. I’ll post your response on the forum so others will know what to do too.

Davis Tech Support: Sorry Ray,   I understand your situation and indeed reported it to my Manager who forwards your suggestion to the powers that be. It may not change in the near future, but we have documented your suggestion and hopefully, changes may occur.

[Fairview-WX]

I have modified the HTML code supplied by Davis Weatherlink to add a scrolling ticker to my weather web page using an old Javascript that I have been using on my personal web page for years. It has continued to work through numerous iterations of operating systems, browsers, etc. It took a little tweaking, and I found that I could not get it to consistently display the 'units' variables properly, so I hard coded them.

I found that the degree symbol would not display properly even on the normal web page, so I substituted &deg in HTML code to fix that. 

I get no Java warning messages for this imbedded code on my page.

You can see my ticker in action at: http://home.roadrunner.com/~farrellsrv/Weather

Use the Right-Click 'View Page Source' function to see how I removed the old Script and substituted with the Javascript.

The ticker was implemented with the following code:

<BODY background="mapp11111.gif" onload=startScroller(); bgProperties=fixed>  <-- Added the 'onload' statement

<!--Scrolling Banner Section -->

<SCRIPT language=JavaScript>
<!--
// You may edit the message within the
// quotation marks.
var msg = " This Month's Highs & Lows: High Temp. <!--hiMonthlyOutsideTemp--> F   Low Temp. <!--lowMonthlyOutsideTemp--> F    High Humidity <!--hiMonthlyHumidity--> %   Low Humidity <!--lowMonthlyHumidity--> %  High Barometer <!--hiMonthlyBarometer--> In   Low Barometer <!--lowMonthlyBarometer--> In   High Wind Speed <!--hiMonthlyWindSpeed--> Mph      ";

function startScroller()
{
   document.scrollForm.scrolling_message.value = msg
   msg = msg.substring(1, msg.length) + msg.substring(0, 1)
// This editable setting dictates how quickly
// each character moves across the scroll box
// (ex. 150=.15 seconds). 
   setTimeout("startScroller()", 400)
 
}
//-->
</SCRIPT>
</HEAD>
<!--Place this script in the BODY section.-->
      <FORM action="" method=post name=scrollForm>
      <P><!--This editable value is the size of the text box. -->
     <INPUT name=scrolling_message size=120> </FORM>
<!--Replace the BODY tag with the following--></P>
      <P>&nbsp;</P>


<!-- End Scrolling Banner -->


I'm sure there are better and more efficient ways to do this, but I went with what has worked for me since the Windows 98 days!

Enjoy!

Bob (Fairview-WX)

[RayF]

Thanks for a solution. I'll wait to see if others offer solutions before I try it. I haven't done much html for a while so I don't want to get myself into trouble but it doesn't look too difficult.

[Fairview-WX]

You are quite welcome.

When you are ready to give it a try, I would recommend making a backup copy of your current HTX file, so that you can always go back to it if you run into problems, then cut and paste right from the forum into your working HTX file.

Weatherlink's 'test' function is also helpful. You can have the program create the HTM file in a test folder that you set up, and open it with your web browser before going 'Live' with it. The Help function spells it all out.

If you have an HTML editor (I use a program called HomeSite), you can temporarily rename the HTX file to use an HTM extension, edit and view it with your editor, then when you have it the way you want it, save it and rename it with the HTX extension.

Good Luck!