Because of the some changes made in Java 7 Critical Security Update 21, java-plugin shows warning window (see attachment) when there is JavaScript-to-Java communication on the page.

see http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#secdialogs

Changes to Security Dialogs

As of JDK 7u21, JavaScript code that calls code within a privileged applet is treated as mixed code and warning dialogs are raised if the signed JAR files are not tagged with the Trusted-Library attribute.

For more information, see Mixing Privileged Code and Sandbox Code documentation.

The JDK 7u21 release enables users to make more informed decisions before running Rich Internet Applications (RIAs) by prompting users for permissions before an RIA is run. These permission dialogs include information on the certificate used to sign the application, the location of the application, and the level of access that the application requests. For more information, see User Acceptance of RIAs.