Skip to main content

Firefox will begin blocking specific, unnecessary Flash content, starting in August

firefox 55 adds webvr support
Kārlis Dambrāns/Flickr
The days of a Flash-flooded Internet are seemingly (finally) coming to a close, as Mozilla said in a blog posted on Wednesday that starting in August, Firefox will automatically block certain Flash-based, “invisible” content that’s not relevant to the user experience. The list of blocked Flash content that can be replaced with HTML will be small at first to ensure website compatibility. However, this list will grow over time.

Later on in 2016, Mozilla will add to its black list the practice of using Flash to check content viewability, which is a method of measuring advertising. According to Mozilla, by blocking this content, Firefox performance will improve, along with device battery life. The company suggests that advertisers who use Flash to measure viewability should switch to the Intersection Observer API, which is based on HTML.

The move to eliminate Flash in Firefox doesn’t stop there. In 2017, Mozilla will inject Firefox with a click-to-play approval feature preventing all Flash content from automatically playing. That said, web sites that rely on Flash or Silverlight for their videos and games are urged to move to HTML technology “as soon as possible.” Firefox currently supports Google Widevine and Adobe Primetime for encrypted video playback.

Reducing the use of Adobe Flash on the internet is part of an overall move to eliminate the use of browser plugins and making the World Wide Web more secure for surfers. Plugins, especially the one for Adobe Flash, are often targets of hackers, in addition to causing instability problems and performance issues. The move to HTML 5 essentially eliminates the need for Flash.

“Over the past few years, Firefox has implemented Web APIs to replace functionality that was formerly provided only by plugins,” reports Mozilla’s Benjamin Smedberg. “This includes audio/video playback and streaming capabilities, clipboard integration, fast 2D and 3D graphics, WebSocket networking, and microphone/camera access. As websites have switched from Flash to other web technologies, the plugin crash rate in Firefox has dropped significantly.”

In a chart provided by Mozilla, the crash rate of Firefox plug-ins seemingly continued to climb until Google switched to HTML5 video playback on YouTube. Crashes continue to decline after Facebook switched to HTML5 video as well, but the chart still shows highs and lows as other sites still rely on Adobe Flash for video playback, advertising, games, and other Web-based content.

Until Flash is fully phased out, Mozilla said it will continue to work with Adobe to provide the best possible Flash experience for Firefox users. This joint effort has already led to high-quality Flash playback, accelerated Flash rendering, and enhanced sandboxing. In fact, Flash will still be supported via a plugin when Mozilla drops support for NPAPI plugins in March 2017. That’s when Mozilla launches the next Firefox ESR build that will support specific plugins (Java, Silverlight, etc.) until early 2018.

Google already introduced a feature in its Chrome browser back in June 2015 pausing Flash content that’s not central to the webpage. Microsoft is introducing a similar feature in its Edge browser when its Anniversary Update rolls out to Windows 10 early next month. This feature will “intelligently” auto-pause Flash content not central to the web page, the company said. Firefox, it seems, will provide control over all Flash content next year.

Editors' Recommendations

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Crashing the masquerade ball: New Firefox exploit could expose Tor users
A hand on a laptop in a dark surrounding.

Mozilla engineers are patching a previously unknown JavaScript zero-day exploit that could expose Tor users.

The exploit was delivered through a Tor mailing list that when opened could unveil the MAC address and possibly even the IP address of a user running Tor Browser on Firefox. It is “100 percent effective for remote code execution on Windows systems,” said security researcher Joshua Yabut. Versions 41 to 50 of Firefox are reportedly affected.

Read more
Firefox 48 gets a new media component that’s a little ‘rusty’
firefox 58 may be first major browser to block canvas fingerprinting mac screen desk

What's brand new and already a little rusty?

The latest version of the Firefox browser for the desktop will have a component based on the new Mozilla-backed Rust language, said Dave Herman, a principal researcher and director of strategy at Mozilla this week. Rust is billed as an alternative to C++, and promises that programmers can be more productive and suffer less headaches regarding troublesome memory exploits.

Read more
Hacker group may be exploiting unpatched vulnerability in Adobe Flash Player
adobe reuters team up stock photography video media content archive adobehq

Kaspersky Lab’s latest blog, written by Costin Raiu, points to a security advisory published by Adobe that warns of a critical vulnerability in Adobe Flash Player version 21.0.0.242 and older for ChromeOS, Linux, Macintosh, and Windows-based operating systems. This vulnerability, called CVE-2016-4171, could cause a crash if exploited and allow hackers to take control of the affected system.

According to Adobe, it’s aware of an exploit of CVE-2016-4171 being used in the wild in limited, targeted attacks. However, the company doesn’t seem to be too worried about the problem, as a fix won’t be offered until Adobe dishes out its monthly security update slated to be released as early as June 16 (just days away).

Read more