In a move aimed towards quickening the latter’s exit from the web, Google has outlined a module to push HTML5 by default in Chrome, instead of Flash. Starting from the fourth quarter of the current year, the company plans to only serve Flash by default for the top 10 domains that still use the plugin.
For the rest of the sites spanning the web, HTML5 will be given preference wherever possible, with Flash, requiring users permission to run.
So basically, the Chrome browser will continue to ship with Adobe’s Flash Player, but its presence will not be advertised. The move is not exactly a bolt from the blue, after all the platform had consistently been hailed as one of the most vulnerable out there and ended up landing the third spot (with 300+ bugs) in last year’s list of the fifty most buggy softwares, with Apple’s OS X on the top.
The platform is also legendary as being particularly un-conducive to security. Barely a month ago, Adobe launched an update to quash a bug in flash that was being used to introduce Ransomware into computers.
Flash has been included in Google’s browser by default, but the Internet giant has been slowly but surely pausing content that wasn’t central to the web-page (ads, animation etc.) in favor of the central content, such as games and videos. The overall effect was to reduce Flash in favor of HTML5.
According to a Google presentation on the topic,
- Flash Player will come bundled with Chrome, however its presence will not be advertised by default1.
- If a site offers a HTML5 experience, this change will make that the default experience.
- When a user encounters a site that needs Flash Player, a prompt will appear at the top of the page, giving the user the option of allowing it for a site (see mocks on the following slide).
- If the user accepts, Chrome will advertise the presence of Flash Player, and refresh the page.
- Chrome will honor the user’s setting for that domain on subsequent visits.
- To avoid over-prompting users, we will initially ship with a white-list of the then top 10 sites (based on aggregate usage). This white list will expire after one year.
Also, when the user encounters a site that attempts to load Flash Player, which they have not previously approved, a prompt will appear requesting approval to run Flash Player on that domain. The page will then be refreshed with flash enabled and the preferences saved, so that they don’t have to answer prompts the nest time they visit the same page. We expect Google to eventually phase out these prompts too, but for now, the company seems to have settled on a middle path.
The top 10 list at the moment consists of YouTube.com, Facebook.com, Yahoo.com, VK.com, Live.com, Yandex.ru, OK.ru, Twitch.tv, Amazon.com, and Mail.ru. The company also said that,
The term “Plugins” will likely be replaced by Flash Player (our final “Plugin”)
Meanwhile, Google seems to be in a hurry to rid itself of Flash and all its attendant problems. Google Chrome decided to freeze Flash ads last September, a month after Adobe warned users of significant glitch in the Flash player which exposed the user machine to hackers.
YouTube, a Google subsidiary, also got rid of Flash for HTML5 video by default and began converting Flash ads to HTML5, with plans to completely stop Flash ads by early 2017.
The company however, is also working out ways to ensure that the extraction process is as painless as possible and that Flash still runs unimpeded when companies use it on their internal networks. Enterprises will have the option to control how Flash and associated content run on their internal networks.