Although Flash's heyday is long gone, let's not forget how much Flash brought to the table back in the late 90's and early 2000's: animation, sound, games, and scaleable vector graphics and more. Macromedia's purchase of FutureSplash and subsequent release of the ubiquitous Flash player was a game changer for the web. Being able to download and play real games and experience interactive websites over slow dial-up connections was amazing and changed people's perspectives of the web.
The FLV format also finally made streaming video a seamless experience for the end user; leading to the creation of Youtube and other streaming video services.
Like all technologies, Flash was overused in places (pre-loaders, rotating 3d logos, banner ads) and Adobe's push towards Flex and RIA's took Flash away from of it's roots in animation for quite a few years. However, it will be interesting to see if the equivalent HTML5 stack follows a similar timeline-- minus the website pre-loaders...of course.
I'm happy to see Flash on its way out – I haven't even tried to install it the last few years. Native browser support tends to work and integrate much better on Linux than having to depend on a third party to deliver up-to-date software. The only site I visit that still seems to require Flash is the BBC, for video fragments.
There's some irony with Google blaming Flash for being spammy; I recently inspected what's probably the biggest shopping website in the EU because it slowed my computer to a crawl and noticed at least 30 to 40 outgoing connections, a lot of them to Google and its diverse ad, tracker and analytics properties.
EMC just switched their terrible java front end for one of their products to a terrible flash front end. I laughed in the sales guy's face when he tried to tell me that switching to flash was this great advancement. They weren't doing anything you couldn't do in html 5.
Also if you want to stream BBC radio in browser it still insists on using Flash to do it. My concern is with the way Google tend to do things in Chrome (Aunty Google knows best, please do as I say) I might not even be able to continue to use flash for the very few sites I'd like to, or have to.
e.g. I tried to download an mp3 of a radio show from bbc.co.uk earlier today and "download blocked" with no option to override. I have all the protect me from myself settings firmly off. chrome help says it's Internet Settings. Internet settings says it's fine to download, and I've downloaded dozens of other mp3s flawlessly. mp3 actually downloads if you paste the button url in a new tab rather than click the button. I've had similar issues with other, innocent and harmless, files in the past. Well, since they brought in their cleverness and download "protections".
I forsee similar issues with flash as it goes through its deprecation.
There's some irony with Google blaming Flash for being spammy
You're being a little kind; this is not so much irony as outright hypocrisy.
Apple did something similar with iOS, refusing to support the plugins arguing that they were insecure and so on, and then promptly using one of their own for HTML5 media elements that broke all kinds of functionality, as well as ignoring the related Web standards whenever it suited them, and then locking up their ecosystem so no-one else could offer an alternative browser that handled these issues better.
The problem with modern browser developers is that they seem to have decided their job isn't just to present the content of the Web but to try to influence and curate it on behalf of their user bases. Google gets extra demerits because it is also trying to do the same through its control of the dominant search engine. I don't think this amount of concentrated power is even remotely a healthy trend for the future of the Web.
Even FF is doing this with bad SSL Certs. I am 100% behind the idea of saying "We don't think you should go to this page because of $x", but at the end of the day, give me a way way to override it.
What does FF do that can't be overridden? We have a WAP management page that uses an insecure DH cipher; Chrome and Firefox both blocked us, but only about:config in FF had an override.
I can't find a site to test on, but I believe it's sslv3 sites that FF won't let me override. I could be mis-remembering, but it's something similar to that.
> Today, more than 90% of Flash on the web loads behind the scenes to support things like page analytics. This kind of Flash slows you down, and starting this September, Chrome 53 will begin to block it.
Slightly off topic: I always found the term "block" to be a bit odd in the web browser context. The browser is the ultimate authority on what gets rendered and shown to the user; there's no need to block anything, because it can just not attempt to show it in the first place.
The term goes back at least as far as popup blockers. I wonder if it's because early popup blockers were browser plugins, rather than built in features, so they did have to actively intervene in the user experience.
The UA might be the ultimate authority on what gets presented to the user and what doesn't, but, for better or for worse, the policy has been "draw everything" since forever. Given a change in policy that explicitly avoids drawing some specific things, it's fair to call it "blocking" those things.
> This kind of Flash slows you down, and starting this September, Chrome 53 will begin to block it.
Ah, so it's for the user, not because other ad networks cannot rely on implicit whitelisting for their analytics callback channels because, aww shucks, the browser vendor just happens to run the ad network.
I think your parent is pointing out that the browser is the one that initiates the fetching of all of this content in the first place. So, there's no need to "block the server from delivering something" as it can decide never to ask the server to deliver that something.
The server is not going to deliver something unless the client requests it (or the client and server are using a protocol like HTTP/2 that can push content from the server).
That's not what happens though. The server totally delivers the initial thing, the browser decides the thing is not important and doesn't do anything with the data it received and inspected. This may result in other things never being requested.
The end of an era, to which all I can say is good riddance. Flash Player has been responsible for 892 published CVEs [1]. The world is safer without it.
That's like saving good riddance to the internal combustion engine because we would be healthier without it, as if we've had better alternatives all along. If it weren't for Flash, we might all be complaining about Java applets right now.
We've had better alternatives on the desktop for over six years now, since Apple said "No Flash for iOS" in April 2010, when content creators panicked to capture that market and started conversion to HTML5 video. That already was a long time coming.
Chrome finally saying farewell to Flash in this manner forces the market to recognize that Flash is no longer an option even on the desktop.
As for my security argument: using the link above, if we start with vulnerabilities found in Flash Player after April 2010, that's still 830 of them.
For video, HTML5 video was simplistic before DASH, which became a standard in 2012. Further, with Flash your choice of codecs was easy (Sorensen Spark, and later H.264); with HTML5, you have to stream in whichever combination of audio and video codec and container the browser supports.
For rich interactivity other than video, we're just now, in 2016, at a point where we can claim the Web Platform [1] finally is on par with Flash, but sites like CanIUse still exist [2], because not every browser supports every new API. Flash gets a (rightfully) bad rep for its security vulnerabilities, but it was a single platform to target, and it's been replaced with alternatives that are no less subject to vendor pressures, despite being 'open' and 'neutral'.
Video alone isn't all of it though... there were a lot of games, and flash animation was also MUCH lighter than video streaming on bandwidth and cpu overhead.
Beyond that, one of the most significant areas of flash as a player is eLearning, training and simulations. Say what you will about a lot of the garbage in player, the authoring tools were some of the best available... though I haven't seen what Adobe has on deck today, it was a very nice experience with nothing comparable for at least until 2012 (last time I worked with flash/flex).
What my real hopes were when adobe bought Macromedia, was that they'd open up the format, and convert it to a packaged zip file with a manifest, svg and javascript proper as the language. Allowing for browsers to co-opt and internalize the players. Then adobe could continue to make great tooling and the browser vendors could correct the ship on the players. My dream is pretty close to what Silverlight offered, but that was something nobody was willing to look at for good enough reasons.
> Say what you will about a lot of the garbage in player, the authoring tools were some of the best available...
I emphatically agree. Back in 2004-2006 I was doing Macromedia Flash MX 2004 development (with the new-and-shiny ActionScript 2.0! Based on the forthcoming ECMAScript 4 standard that should be finalized any day now...). It was hands-down one of the best development environments I've used w.r.t. creating games and "rich Web applications". It really was the best thing available at the time: you could draw and animate your sprites, tiles, backgrounds, whatever within the same IDE in which you wrote your code. You could attach scripts to any object on- or off-stage, and they ran in an event loop. The documentation it shipped with was also excellent, and I picked up a hardcopy of the "ActionScript 2.0 Bible", a massive tome of beginner's tutorials, intermediate tips and tricks, and complete language and library reference -- for a measly $20.
Nowadays, Unity gives a similar yet more featureful environment for writing games, and Silverlight briefly presented an alternative for "rich content". As far as rich content goes: sure, we can do that stuff with HTML5 and JavaScript nowadays, but it was just so much more pleasurable to work with the Flash IDE than anything else I've seen, excepting maybe Silverlight. Where making a Web 2.0 application feels like an enormous pain in the ass, making the same in Flash was a joy. It was fun rather than frustrating!
I think if Adobe (or even Macromedia) had opened up the Flash format (SWF), and maybe even the plugins, things would've gone a lot differently. Flash could've been a law-abiding citizen of the "Open Web", and we could've seen some healthy competition amongst development and runtime environments. The community at large could've found ways to iterate and improve on the technology. But, I suppose that ship has sailed and we're stuck trying to jackhammer the round peg that is application delivery into the trapezoidal hole that is document delivery (i.e., the Web).
I've seen it, and it may work for quite a bit of that legacy content... there are also stand alone players/clones that I've seen a few of... I haven't had to work with or generate that kind of content for a while though, so no idea what the modern tooling equivalent is.
In a (classic, non-appified) native application, the application can do whatever it wants with your computer and your personal files, and only the OS' privilege escalation mechanism is stopping it from modifying system files (but will happily let you proceed if you sudo or click the windows UAC prompt).
Vulnerabilities aside, at least Flash runtime didn't give unfettered access, and was even nice enough to ask for permissions to the webcam and microphone. Furthermore the runtime was frequently updated and patched by the vendor, and Flash being embeddable in web pages made keeping up-to-date individual Flash applications easy, as they were hosted on the server.
And if we lived in that world we'd all be saying "no one ever sandboxed their apps, maybe if Flash had taken off they'd have plugged their security holes and we would have had a great platform!"
...as if we've had better alternatives all along...
In the case of about 95% of the Flash that's been written, we have had a better alternative all along: Not writing Flash. Not animating the self-help menus at your ISP, not auto-playing music at every restaurant website, not cramming a megabyte of crap into the ads coming down your 56kbps modem connection, etc.
On top of all the CVEs there is also the rampant proliferation of fake Flash installers. They are just tricky enough to get less savvy users and slam them with adware or malware. Not having to install third party software to browse the internet has it's own security benefits.
Even the best developers aren't miracle workers. Its clear that a lot of these older web projects like Flash and Java runtimes were poorly engineered from the start, especially in terms of security, and now all the guys who maintain them just inherited thousands of man years of technical debt. They can't fix it, short or rewriting from scratch, and that has a time/money cost management isn't interested in.
Worse, to fix a lot of these issues you'd have to fix the APIs as well, and that means a new version that doesn't work with the old codebase. People only use Java and Flash because they're on every computer and work with legacy apps. If you introduce a new breaking version, then you're asking for trouble.
Oracle tried that. At my previous employer, the week after a Java client update was always fraught with peril as the new plugin didn't work with Peoplesoft(!) and prevented us from being able to take orders. The fix was usually some combination of a hot-patch for clients plus extended patching for Peoplesoft.
As a former Flash animator and ActionScript programmer I appreciate the tone of the post. Flash sucks by today's standards but it played its crucial role in the history of the internet. Farewell.
Agreed... nothing compared to Flash's tooling at the time, and when Apple started the fist volley that started sinking flash, there really wasn't anything comparable, or having the reach of the tooling for authors.
I haven't had to deal with that kind of content for quite a while now, but I would think some of the authoring has gotten better. It's a bit of a shame though as flash animation projects were so much lighter than video streaming.
I hope as the web moves on we find an easy way of preserving a lot of the creative work that's been done in Flash.
Some sort of WebGL/asm.js/WebAssembly player for SWFs on the internet archive would be the pipe dream, I think. That way we could watch Strong Bad long after Flash is available in the future.
There just wasn't enough work and money put into these open source players.
For instance there is proprietary Flash implementation called Scaleform used for games UI. Even long ago before Autodesk acquired them it's had both decent compatibility with normal SWF as well as full GPU acceleration for every platform possible include Linux.
Shumway's potential is lost now. I would love for Firefox to take on the same model as Chrome and bundle Flash in the browser and Shumway was a half-baked way to do this.
Hm, to view old content, you can also use the old flashplayer - so nothing is lost.
I doubt, that creating a new flash-player on webgl/wasm base is worth the effort, as it would be very complex.
(because contrary to popular opinion adobes flash engineers were pretty good)
I was a Flash developer. It blows my mind how far and wide this plugin went. We're still dealing with a transition out years after it fell out of favour. It's kind of neat and a good reminder that if people start using a technology it's not so easy to simply move away from it. Very similar to the days of IE 5,6,7,8 (and yes I know that's not "over" either... but a lot less of a concern than it was).
Still, faults aside, Flash was awesome. It was an advanced "Hypercard" (which I learned to build things in as a kid). I hope we don't completely lose some of the good aspects of these technologies.
They need a more technical description of "default experience". How is Chrome supposed to know if a site only supports Flash? I've tried several sites that require Flash, but only until I change the user agent to a mobile browser. Will Chrome try messing with the user agent in this case?
Chrome (and Firefox [1]) will hide Flash from navigator.plugins so that sites will think Flash is not installed. Sites that have an HTML5 alternative will fall back to that. Sites that don't will display show a "Please install Flash" error message. Chrome and Firefox can show an in-browser prompt to allow Flash, which will allow the page to continue.
If the site is so poorly done that you have to fiddle with the user agent to get it to work, I'd say good riddance to that site.
Sites like that need a market pressure to become good, and you quitting said site is a vote in the right direction.
Flash has also been used to circumvent some of the browser protections, especially for older browsers. For example it has been the way to achieve cross-origin http requests (CORS) for browsers that don't support it, like IExplorer < 9 (or 8?) and even IExplorer 9 because the CORS support is shit for that one. On one hand it's been cool for developers to be able to do such things, but on the other hand it makes your browser less secure.
Anyway, I'm a Firefox user and I don't have Flash installed. The web works just fine without it. One less plugin to worry about.
One problem with archive.org is that it retroactively obeys the robots.txt file, even if the files have been spidered and archived [0].
For example, consider the case when a new domain owner attempts to block all bots from spidering their site, by adding something like this to their robots.txt file
User-agent: *
Disallow: /
This is actually a fairly common case when domain resellers purchase expired domains.
Now when you try to visit the archived link, because the live robots.txt file disallows bots, you won't be able to access the archived site (which may have been owned by someone completely different).
This is true, however they don't purge any of the old archives. If the robots.txt is updated to allow bots again then all of the previous archives will become available again.
it seems weird to me to retroactively obey robots.txt for a _different_ version of the site.
It makes much more sense to archive the robots.txt along with the content, and use the robots.txt linked with that version of the site. Updating the current robots.txt shouldn't affect a past archive.
I believe the reasoning is that if I accidentally published a public page and didn't realize it but later fixed the problem, I'd like to make sure no one else could see it later. It's probably easier than dealing with all kinds of takedown requests.
> In December, Chrome 55 will make HTML5 the default experience, except for sites which only support Flash. For those, you’ll be prompted to enable Flash when you first visit the site.
Are they still planning to grant a one-year exemption to the top ten flash-only sites? The article doesn't mention it, but I haven't heard anything about it being cancelled.
As far as I understood, the rumours were blown up. Chrome will show a prompt asking you whether you would like to allow Flash (similar to the one asking you to give permission to access your location) if it's used on the website you just opened.
The only exemption those top 10 Flash sites will get is they will have this permission by default, but you should still be able to both permanently add other websites to the whitelist and remove those default ones ones from it. Which, in my book, isn't nearly as bad as Apple's hardcoded support for FairPlay + DASH in Safari only on netflix.com.
I could be wrong though, there could be more stages where it gets harsher and what I described is only the first step.
When I clicked on the link, I expected to see something like "Flash is an abomination and shouldn't exist, that's why we are killing it". I was wrong and happy to be. Today "Flash" means "problems", but I remember the time where it meant "modernity" and "Improved user experience": I'm glad to witness that Google discards Flash while honoring its legacy!
I find it a bit funny and ironic that the only app I regularly use which prompts me to install Flash [0] is Google Music. On both Safari and Safari Technology Preview!
I'm all for killing Flash, but if even Google is unable to completely do away with it, doesn't that mean that it might be a premature move?
I don't have any interest in seeing Flash kept around. In fact, I'm quite happy to see it die. But do we actually have working alternatives for the problems it currently solves? I don't ask this rhetorically, I'm very curious if there's still problems which HTML5 is unable to reasonably solve.
That is ... strange. I run chromium on FreeBSD without flash, and Google Play Music works well for me (as opposed to Amazon Music, which wants flash). Perhaps it is something about safari vs chrome?
Google Play Music supports HTML5, however I think it works better (i.e. more tested) with Flash or something. So Flash is still the default, while HTML5 is the fallback.
And btw, GPM seems to use a similar DRM method as the one supported in Netflix, so if your browser does not support DRM, you're out of luck [1].
whatever your problem: slow machine, battery, security, etc. it's all its fault
seriously, if everyone have already moved to HTML5, how come we are still blaming Flash for those daily petty problems ?
It's not used so let's block it but it is still responsible for the majority of problems ...
nobody notice the ambiguity of the argument ?
It's quite painful to see such arguments from Google, I thought they would be smart enough to understand that any popular technology get hacked, the problem is not really Flash, its the browser itself (and the advertising networks that are perfect to distribute dodgy payloads to tons of users).
The other sad point is the amalgam of everything, for some ppl Flash equals advertising, and that's bad so Flash is bad, and they don't want to think further than that.
The choice of the users ? The tons of SWF content (that will probably not be ported to HTML5) ? nobody care apparently
And about throwing everything in the same bag, so apparently if Flash is dead then ActionScript is dead too right ?
nope
Flash is just 1 runtime running in the browser, there are other runtimes: Adobe AIR for desktop and mobile, and also Redtamarin [1] for the command-line / server-side.
I used to make and release flash games and still have them on my website. Is there a good low-to-moderate effort way to convert them to HTML5?
A couple of the games used a ton of frame by frame animation with large sprites, so they probably wouldn't convert to spritesheets very well and should stay vector graphics.
No, there is not a simple way to convert flash to html5. I say from experience, we look for it for years.
Moreover, you can rewrite a game in html5 from scratch, if it is simple enough, but it will be slower, less smooth, and require some latest browser versions to run at all.
So what specifically is going to happen? Instead of a click-to-play box, you'll get an HTML5 version of the content if the site is serving one, and if the site isn't serving one, you get a button to click to enable Flash content on that domain? Seems a little unclear to me and not much different from click-to-play. It sounds like Flash will continue to work with a clickthrough, which is the status quo.
I can't be happier that Flash is bein removed except that I a heavily use Google's own MotionChart[1] which is built using Flash and there seems to be no HTML5 alternative yet available [2] (although google internally seems to be uing a HTML5 version of it [3]):-(
This seems to me to be an obvious power play by google. Does no one else see how this is not against flash, but in favor of code which google can analyse and extract data from. When the analytics are in flash, google has no insight, but when forced into js they have full visibility into everything a developer does.
> Does no one else see how this is not against flash, but in favor of code which google can analyse and extract data from.
I doubt that very much - Google has been extracting data from and indexing Flash content for close to a decade[1]. If they wanted to reverse-engineer the behaviour of flash code, they could run it as blackbox code in a Flash sandbox
> Does no one else see how this is not against flash, but in favor of code which google can analyse and extract data from. When the analytics are in flash, google has no insight, but when forced into js they have full visibility into everything a developer does.
The bytecode format and semantics of both AVM1 and AVM2 (the VMs used in Flash) are common knowledge.
Not only that. I believe the main purpose of the whole war agains flash is to kill the online games ecosystem, from which neither Apple nor Google make profit, and move gamers to appstores.
That seems unlikely. It's true that Flash is overwhelmingly popular among browser game devs, but there's been efforts to encourage them to move to HTML5 for years, because Flash is terrible for users.
Why would Google themselves care about what developers are reporting back? It's not as if they don't have insight into the types of analytics people care about: Google Analytics is very large.
Meanwhile, it's pretty easy to force Firefox to apply this policy right now. Just go to the Plugins screen and select "Ask to activate" for Flash. I've been using Firefox like this for over two years, and have never been happier with my web experience.
To all those saying Flash is dead or dying, this is simply not so. Mainstream use of Flash may be on it's way out, but browsers will continue to support it in one way or another for the foreseeable future.
Why? As I've said before, and will say again: A lot of enterprisey applications have tools developed in Flash/Flex. Mostly internal and B2B tools, but tools nonetheless. It's not likely that they will be replaced anytime soon, because no one is going to authorize the budget for replacing something that still works, so Flash will be around in one form or another for a long while.
The same is true for java applets. There are still lots of LOB applications that depend on it. Nonetheless, chrome removed support, firefox said they will by the end of this year, and Edge has no support.
Companies still using them are now in the same position as those using active-X, they need IT to deploy special measures for users that need to access them.
I think it's fair to sum up this situation by saying that java applets are dead or dying. Flash may well be in the same position in 3-4 years.
I was going to counter by saying that our MIS displays some reports using a java applet, and I can still access them in Chrome. However, I just attempted to run one of those reports, and it turns out that the latest version of our MIS no longer offers the java applet as a display option. Therefore, I must concede. TIL.
Am I the only one who feels like this has been talked about for a long, long time? I actually already thought that Flash had been just about eradicated from the major browsers.
I still use Flash for youtube (with an add-on that enforces it) because Firefox doesn't seem to be able to handle my 4-monitor Xmonad setup properly with HTML5 fullscreen video. And the process also locks up my soundcard until I kill the process. Flash behaves much better. After youtube ditches its Flash player altogether, I guess it's chromium for YT then. No biggie.
Same with me as well, Firefox or Chrome both are slower with HTML5 media versus flash. Flash video runs faster than HTML5 and also has hardware acceleration which HTML5 fails at on my hardware, a couple of laptops and a desktop rig.
> Today, more than 90% of Flash on the web loads behind the scenes to support things like page analytics. This kind of Flash slows you down, and starting this September, Chrome 53 will begin to block it.
I'm all against Flash. But this argument sounds silly. Why not handle this like any decent OS, and "nice" the Flash portion of the page, so that it takes only cycles (or bandwidth) which are otherwise left unused?
And funnily enough, Google itself is behind a lot of that JS bloat and background tracking. They are probably not the ones that should be pointing fingers at Flash.
Good. Maybe that'd force Facebook to update their OpenGraph video embedding. Right now it essentially requires an URL that's either application/x-shockwave-flash or video/mp4 (with undocumented <iframe> embedding for chosen parties), which doesn't really cover all the cases for online videos (e.g. live streaming with DASH or HLS).
The article mentions Flash content slows web page loading and is power inefficient. Flash also has an abysmal security record. Chrome 53 will start blocking certain kinds of Flash usage, and Chrome 55, in December 2016, will go further.
Even then Chrome's battery usage is pathetic. I sincerely hope you guys get it right in battery consumption from within chrome rather than blaming on flash! Please! It hurts.
"Everyone that owned one" feels like kind of an exaggeration, but it was a big feature at the time. I found it very useful for video players and was glad my phone could plug the gap while the web caught up to HTML5.
I thought it was a killer feature right up until I actually tried to play a five-year-old Flash game on my brand-new, cutting-edge Galaxy Nexus and got like 3FPS.
All that left was Flash video (very easy to replace server-side, just switch to an HTML5 player and all the videos on your site are good to go) and sites with Flash-only interfaces (good riddance, for the most part).
I guess it would be nice to watch Homestar videos on my phone browser instead of having to find them on YouTube, but that's literally the only other use case I had.
I updated my Chrome today (Mac OSX) and the graphics took a huuuuge step backward. Almost like someone accidentally published the Linux build to the Mac link. A couple of my friends have reported the same experience, but I don't see anything official about this. Am I going to have to attempt to downgrade to get the better UI back?
It's the new "material design". You can disable it in chrome://flags to get the non Windows 95 style back. I too hate it. Not sure what the recent design trend of sucking all colour from UIs is hoping to achieve.
When they eventually remove the Material UI toggle from chrome://flags, I'd recommend installing a Chrome theme that you like rather than rolling back actual security patches and bug fixes.
I don't know what you guys changed under the hood, but I'm
experiencing the exact opposite of your first paragraph claims:
most videos don't work, and it's draining my macbook's battery
at an unprecedented rate. I can live with my flash videos not
working, but the reduced battery life is making chrome
unusable.
> Also worth mentioning Apple blocked Flash all the way back in 2007 on the original iPhone. Good to see Google doing it now, nine years later.
Apple didn't block Flash, that's a lie. It just didn't implement plugins in the iPhone browser. Adobe AIR apps that are running Flash were allowed on iPhone. Games like Machinarium were built with Flash and running on iPhone. So your statement is completely incorrect. I'm no fan of Flash but your statement is bullshit.
Apple did not allow alternative browsers with alternative rendering engines and plug-in system that could have supported Flash. So, they did in effect block Flash in browser (if not Flash in an app).
They didn't block Flash in their browsers. They just didn't implement the <object> element in the iOS browser. No support for plugins doesn't mean blocking them. Blocking is something proactive , You block ads , ignoring an html element isn't blocking that element. A browser that doesn't support SVG doesn't block SVG. Just be honest, what you say is completely wrong and there is no room for interpretation here when it comes to the definition of blocking.
You're missing my point that they banned anyone from trying to implement Flash in the browser. It's OK to say "we don't want to spend time implementing Flash on iOS", it's another thing entirely to say "no one else is allowed even to try". They're blocking entrants in the Apple app store. If you want to be pedantic about the word "blocking", then swap it with banning instead if you like.
Maybe we can be grateful for Apple spurring the movement, having no flash whatsoever (in contrast to even "flash-lite" on Android) was really painful on the iphone back then...
They didn't ban Unity. The legacy NPAPI extension format (which the Unity web player plugin was built on) was deprecated in favour of PPAPI.
NPAPI was outdated, unperformant and insecure, the goal of PPAPI was to address those issues. All that would be needed for Unity web player to work out-of-the-box in Chrome again is for it to be ported to PPAPI
And they were given a 4 year heads up that chrome was going to remove it.
Instead Java used that time to build several help pages that showed you how to install other browsers then made a shitty anti-chrome campaign when it was finally removed, and unity just sat there and did nothing the whole time.
"I don't expect Chrome to keep supporting PPAPI native plugins for any longer then they have to (in order to support Flash), because it has the same security issues as NPAPI.
And, porting the plugin to PPAPI would be far from trivial, and not be compatible with existing content anyways"
Is any of that fundamentally wrong? They decided it was a better use of their time to go right to WebGL.
Honestly I'm not that sure, and that was a shitty way for me to word it about Unity. The big thing with PPAPI is that it can be much more sandboxed than NPAPI ever could, which means it already has a big step up in security, but obviously anything whose purpose is to circumvent the restrictions put in place for the browser is going to be inherently less secure than just running a website. In the end PPAPI could let you run code from a webpage as "root" on your computer, and there is nothing Chrome or anyone else can do to stop that.
That being said, I think Unity is going in the right direction trying to get away from plugins altogether. They are trying (successfully IMO) to compile to "true" web technologies and let the game be exported as HTML5 and javascript which is the right choice.
> They didn't ban Unity. The legacy NPAPI extension format (which the Unity web player plugin was built on) was deprecated in favour of PPAPI.
Which had the effect of banning Unity.
I understand that this was a good move from a general security standpoint. I'm annoyed that Google has done their best to make it impossible for a power user to override it, just as they made it unreasonably complicated to install non-Google-approved plugins.
By all means, set your softwares' defaults for general security. Don't tell me what I'm not allowed to do with my own computer "for my own good." We don't accept that when Microsoft or Apple does it.
> All that would be needed for Unity web player to work out-of-the-box in Chrome again is for it to be ported to PPAPI
No. All existing Unity apps would have to be recompiled. Making legacy games harder to run leaves a bad taste in my mouth, even if it's for good reasons.
They wouldn't have to be recompiled. Unity apps running via UWP don't execute directly in the browser document context, UWP is it's own stand-alone plugin which is then embedded where needed in the page (similar to Flash and Java), this is why you have to download the UWP executable in addition to the browser plugin. The browser plugin is merely a wrapper for the UWP binary.
Unity apps compiled against the UWP runtime should run all the same regardless of whether UWP is wrapped in an NPAPI or PPAPI plugin, unless the wrapper plugins themselves and/or how they call the UWP runtime are implemented differently.
Flash can be blocked, through browser extensions, CSS, or simply by removing the !@#$%^&*() Flash plugin, disabling all autoplay video.
HTML5 has no such similar functionality.
This feature of Flash is very sorely missed.
(/etc/hosts or similar blocklists of all known video service providers is an effective and reasonably concise, if not entirely perfect, alternative. I recommend it.)
My experience on hiding video was that the video was hidden, yes, but the audio continued to play and video content, I believe, was being downloaded.
I've yet to find an extension which blocks all video effectively. Or prevents autoplay.
Chome/Android doesn't support extensions at all. So there's that.
Flash, by its very blobbiness, had an effective defeat mechanism: remove the blob.
Again, for video, especially autoplay sources, I've found blackholing the video platform provider's hosts or domain quite effective. It's still only a handful for most offenders. And if the practice spreads we may see pressure from the providers themselves to defeat autoplay.
Though those of us blocking will be beyond caring.
The FLV format also finally made streaming video a seamless experience for the end user; leading to the creation of Youtube and other streaming video services.
Like all technologies, Flash was overused in places (pre-loaders, rotating 3d logos, banner ads) and Adobe's push towards Flex and RIA's took Flash away from of it's roots in animation for quite a few years. However, it will be interesting to see if the equivalent HTML5 stack follows a similar timeline-- minus the website pre-loaders...of course.