I'm seeing the same as Anthony, after changing the security.fileuri.strict_origin_policy preference. The same has beeing going on for a few months with my local pages, unsigned applet. My only solution was running from a local webserver.

It is true that with latest Firefox no applet is loaded and after changing the security.fileuri.strict_origin_policy  the applet loads but the security alert is displayed, so no molecule display. I tried ajusting the Control Panel > Java security options to a lower or custom level with no success; in fact everytime I go back to check it has automatically reverted to higher security.