Trending

Firefox Joins Other Major Browsers In Default Blocking Of All Flash Content By 2017

By Security 

Mozilla joined other browser vendors in announcing that Firefox will start blocking invisible Flash content this August, and that starting with 2017, it will block all Flash content by default as well.

Last year, Adobe, the creator of Flash, started encouraging Flash developers to switch over to using HTML for their content. However, the transition is not going to be a fast one until browsers start outright rejecting Flash content. Apple has already tried for almost a decade to kill Flash, and despite the popularity of its iOS devices, there are still many websites, especially those serving video content, that continue to use Flash players.

Many advertisers are also still reliant on Flash, which makes it difficult for websites to switch entirely to HTML. Google, Amazon, and Facebook began to push advertisers to HTML last year, while Chrome (and soon Microsoft’s Edge as well) has already started to auto-pause Flash ads, which also began last year. Chrome and Safari will both start to block most Flash content by the end of this year.

Mozilla said that Firefox would start blocking invisible Flash content next month that is not essential to the user experience. According to the company, this should reduce crashes and hangs by about 10 percent on average for its users. To maximize website compatibility, Mozilla will only block a curated list of Flash content that it can replace with HTML.

Over time, the list of content that Firefox can block will increase to the point where the browser will block all Flash content by default in 2017. That’s when Firefox will require “click-to-activate” approval from users for all Flash-based websites that not have switched to HTML.

In March 2017, Firefox will also completely drop support for all the NPAPI plugins, with the exception of Flash. The enterprise version of Firefox (ESR), which Mozilla will release the same month, will continue to support the Flash and Java plugins until 2018. Users who may still want to have Flash enabled by default could switch to Firefox ESR to use Flash for a while longer.

Flash has been the source of many critical browser exploits, so web security should improve significantly once major browsers do not support it anymore and most websites have made the transition to 100 percent HTML content.

9 Comments Comment from the forums
  • InvalidError 21 July 2016 14:28
    I wish blocking Flash by default had been more common years ago. Same goes for stopping animated PNG/GIFs and most other types of embedded media.

    I started blocking all media I could block by default many years ago after I got woken up at 3AM by a noisy Flash-based ad.
    Reply
  • anbello262 21 July 2016 15:38
    I hope they still continue to give you the choie to activate certain flash based content.
    There are some old websites that have not been updated in many years and still use some flsh that I still visit sometimes, and I wouldn't like to lose the option to do so.
    Reply
  • Jeff Fx 21 July 2016 15:58
    18311255 said:
    I hope they still continue to give you the choie to activate certain flash based content.
    There are some old websites that have not been updated in many years and still use some flsh that I still visit sometimes, and I wouldn't like to lose the option to do so.

    FTA:
    Over time, the list of content that Firefox can block will increase to the point where the browser will block all Flash content by default in 2017. That’s when Firefox will require “click-to-activate” approval from users for all Flash-based websites that not have switched to HTML.

    Reply
  • anbello262 21 July 2016 21:05
    Yes, I understood that part. I actually meant in a longer term, hoping that they do not drop support altogether. Although I might be able to use a VM with an old OS and old browser to fix my issue.
    Reply
  • InvalidError 21 July 2016 21:46
    18312706 said:
    Although I might be able to use a VM with an old OS and old browser to fix my issue.
    Adobe itself plans to discontinue Flash Player at some point in the future. More browsers disabling Flash content by default will give site designers an extra kick in the ass to convert their Flash-based sites to something else a little sooner. Apparently, the lack of official Flash support on smartphones and tablets isn't enough to achieve that.
    Reply
  • mrmez 22 July 2016 07:06
    About.
    Bloody.
    Time.

    People freaked when Apple started this a few years ago.
    Can't come quick enough. It's surprising how many big, big websites still use flash.
    Reply
  • none12345 23 July 2016 23:13
    Cant happen soon enough. DIE FLASH DIE!
    Reply
  • Anton_14 24 July 2016 15:22
    It's about time. I use a add-on in all my browsers to block it and have done so for years. Flash content slows the browser down besides being a nuisance. If I need to, I can always enable it for specific content.
    Reply
  • virtualban 27 July 2016 09:54
    I used to stop installing flash on people's computers, and guiding them to use chrome if really needing to watch something that was not working properly. I like to think I have contributed any tiny bit in this direction.
    Any tiny bit, over time, over many similar mindsets... big change. Now, Flash is not such a big change (I mean, it should have been dead long ago; it is putting things where they are supposed to be), but other events may be, for example #BAUniC
    Reply