Slashdot Mirror
Firefox Support For NPAPI Plugins Ends Next Year (mozilla.org)
An anonymous reader writes: Mozilla announced that it will follow the lead of Google Chrome and Microsoft Edge in phasing out support for NPAPI plugins. They expect to have it done by the end of next year. "Plugins are a source of performance problems, crashes, and security incidents for Web users. ... Moreover, since new Firefox platforms do not have to support an existing ecosystem of users and plugins, new platforms such as 64-bit Firefox for Windows will launch without plugin support." Of course, there's an exception: "Because Adobe Flash is still a common part of the Web experience for most users, we will continue to support Flash within Firefox as an exception to the general plugin policy. Mozilla and Adobe will continue to collaborate to bring improvements to the Flash experience on Firefox, including on stability and performance, features and security architecture." There's no exception for Java, though.
Too much use of the word 'experience' shows that Mozilla has been taken over by managers.
I haven't used Windows in any real capacity for a decade and a half but... Firefox is still 32-bit on Windows? I had no idea...
Must be an American company.
Wasn't that the original reason for the Jarva programming language to begin with?
Thing is, I absolutely refuse to browse the web without the plugins which increase my security....noscript AND requestpolicy.
Anything else is just not responsible. Unless mozilla intends to make script blocking and 3rd party contend loading control as core features (as they should be), then....I wont be using it.
"I opened my eyes, and everything went dark again"
Plugins are bad, but we will not just remove the technology from the browser. Instead we will decide for you which plugins are still acceptable and which are not.
Say hello to PaleMoon.
Of course, there's an exception: "Because Adobe Flash is still a common part of the Web experience for most users, we will continue to support Flash within Firefox as an exception to the general plugin policy. Mozilla and Adobe will continue to collaborate to bring improvements to the Flash experience on Firefox, including on stability and performance, features and security architecture."
The moral is, if you screw up in small scale you pay the price. If you screw up in gigantic scale, others will accommodate you. Small borrowers get foreclosed. Gigantic debtors get bailed out. Minor plug-ins with stability and security issues get pulled.Even major ones like java. But you screw up in gigantic scale like Adobe Flash, the market prices your misdeeds in and expects others to act knowing, "yeah, Adobe Flash is a mess, but we know it is a mess, we need to work around it".
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
"Plugins are a source of performance problems, crashes, and security incidents for Web users"
So is your browser. And whatever happened to choice? If I want to use a plugin that may crash occasionally thats up to me - not you. What next - I can only view web pages that your browser deems acceptable? Asshats.
If your going to continue to support Flash this move does very little to push the real problem facing plugins. Flash is one of the worst performance hogs and security problems. Also dumping the likes of Silverlight which both Netflix and Amazon use for better streaming quality in a browser leaves people to use Flash?? Really?
Its possible both Netflix and Amazon are poised to break from plugins in the next year and move exclusively to HTML5. But that still leaves a lot of other sites using Silverlight and other plugins that creates problems. But I would not expect Mozilla to dump Flash plugin first. I expect Google to actually make this move and to be technical Safari dumped Flash before anyone on Mac's but many users simply install it anyway.
Add-ons will continue to work. This is talking about NPAPI plugins.
What is NPAPI ?
and does this have anything to do with the add=ons and plug=ins specific to Firefox and Seamonkey
SAome of which break every time they put out a new version of FF
I hear version 42 is out soon - any HHGTG easter eggs in it?
Firefox isn't that technologically interesting anyway. A crusty single-threaded browser running on the old hacked Netscape engine.
First and foremost, to be clear from the start, let me say other browsers cannot replace Firefox. Simply as that. Chromium? Nice, useful as a reasonably complete second option. Likewise current Opera; old Opera (and maybe Vivaldi) was more interesting exactly because it had a totally different code base (no longer the case, I assume). Midori, Qupzilla, Rekonq, Konqueror? Of all these, only Qupzilla seems more complete, but all of them work well as secondary browsers (the one I open to have a separate app from Firefox).
But why? Because there are more situations in which Firefox works and the others not than the reverse. Because some present plugins allow for an improved customized user experience which other browsers won't offer. Plugins to avoid overload (by activating Flash on a case-by-case basis), to allow playing uncommon formats (remember when ogg wasn't well supported? what about the new "flif"? maybe thtat can be circumvented with the use of external apps...), etc.
Java is particularly important. No plugin will mean no longer access to my bank with Firefox (Java required, recently I noticed it started working with IcedTea, but I think my yearly IRS statement will still require the Oracle version (yes, we can use Linux for that over here).
It's not that I doubt the plugin mechanism has inherent problems; but I'd like to keep on using Firefox.
For instance, I must use a smart card (like the ones with chips used in banks) on certain occasions: for work, for certain public services which require authentication, soon to sign documents for legal purposes, etc. Firefox is the only browser (that I know of) which provides a way to work with a card reader on Linux (on Windows, there's IE, too). Chrome uses IE infrastructure, IIRC, but cannot use the Firefox registered certificates, like Libreoffice does.
All those things put Firefox in a central position on Linux regarding usability and site access, and something that we'd better keep working at all costs.
Of course things would still work even without plug-ins... as in the idea of using external apps (I believe it's the case of the Unity player, which I don't use nor know).
Finally, plug-ins are a very important concept in modern computing. A lot of things use them. Are we just abandoning NP API plug-ins or the entire idea?
We really should have more choices. Perhaps one of the browsers I cited could be developed to assume a similar main role? Or maybe Firefox could be split even further, extracting elements like certificate handling to make it an OS- or DE- (or distro-) specific feature?
Firefox Tools->Addons->Plugins doesn't mention it.
sexbomb?
Chrome removed them. IE hasn't supported them, if ever, in at least 15 years.
I don't think you know what an NPAPI plug-in is. There is Flash, PDF, Java and about anything else is a malware attack vector.
On an iPhone, as an example, none of the above are supported. Chrome and FireFox include their own PDF viewers to evade PDF. Flash is being killed by every browser in favor of HTML 5 video. Java is just being non-supported.
" Also dumping the likes of Silverlight which both Netflix and Amazon use for better streaming quality in a browser leaves people to use Flash??"
Netflix uses HTML5 video. Load up Netflix in Chrome after deleting Silverlight and Flash.
YouTube --- uses HTML5 video too.
This is not new. This happened 2 or 3 years ago. You don't need Silverlight or Flash for video, not even Netflix.
How am I going to play at NetBabyWorld without shockwave?
My Other Computer Is A Data General Nova III.
It's too bad they didn't include Flash. The sooner it shuffles off the web stage the better.
Are you talking about plugins or addons. The two are completely different things. Addons are staying, npapi plugins are going.
NPAPI plugins are not to be confused with Firefox extensions.
The fact that they have both been found in about:addons for some time now is a source of confusion.
Like a lot of people, you're thinking of extensions.
All Firefox plugins use NPAPI.
By the way, real plugins are found in about:addons in the "Plugins" tab.
see subject
https://www.apple.com/hotnews/... (A bit old, but probably still relevant.)
There isn't much advantage to a 64-bit browser anyway
There is if all tabs are running in one process, as opposed to one process per tab like in present-day Chrome or the experimental Electrolysis feature of Firefox.
How long until we see forks of Firefox that don't give up on plugins?
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
all over again. There's little conceptual difference between a java applet and the giant blob of obfuscated javascript that you get with something like Google Web Toolkit, suck in and run in your browser. Well, except one important thing. The JVM running an applet is ALSO a general purpose VM, so if the security malfunctions it can do bad things. The JS interpreter started out as unable to do bad things, so a security malfunction there is less likely to cause a full-scale security breach.
They need to get rid of the flash based one.
You can tell the technical experience of Slashdot readers has gone down over the years by the numerous posts trying to explain plugins != addons (and JavaScript != Java on those articles). But to be fair, Firefox's poor UI choices of using the similar terms: plugins, extensions, and addons right next to each other and sometimes interchangeably can be partly to blame. I wish more people would spend a bit more time thinking when picking names for things.
The number of people on here confusing plugins and extensions is legit depressing.
What the fuck happened to this place?
Go back to macrumors or Jizzmodo or whatever crap sites you came from.
Now all I need is for Synology to upgrade surveillance station to html 5 or its going to be IE only.
Where is the mod option of "-1 Dumbass"?
Pale Moon is based on an older Firefox base, but I'm very curious as to whether it will continue to support NPAPI after Firefox axes them. Anyone know for sure?
In August Mozilla announced they are going to deprecate XUL-based extensions, which hurts popular extensions such as DownThemAll. In fact the DTA dev has posted an insightful comment in his blog regarding this decision:
http://www.downthemall.net/the-likely-end-of-downthemall/
With a fresh profile and no or few extensions, Firefox's single process model is nice.
However, with some extensions, Firefox may slow down in a matter of hours or even less depending of usage.
That's why I hope that Firefox will switch sooner than later to the multiprocess model. I prefer it to use more memory if it means it won't slow down.
And of course, it will still be possible to disable it if we have too little memory.
By the way, don't worry about extensions, they won't go away anytime soon if ever.
Either build a Flash decompiler to translate it to HTML5
Which would need permission from each uploader, and I'm not sure whether the submission agreement that was in effect at the time of each upload already granted this permission. I imagine it's not like YouTube, where transcoding is mentioned from day one as an expected part of video delivery. If not, how will Newgrounds manage to contact all authors of uploaded SWFs to seek permission to convert to HTML5?
I'm the author and maintainer of a small open-source Java (NPAPI) plugin and we started porting our Java Applet software to a desktop app in January and finished in June. Our codebase is small and we spent about 6 months creating a websocket + jetty wrapper around the existing LiveConnect calls so that our customers could continue using the applet.isActive() and family until we could retire the applet entirely; properly.
Getting desktop installers written for all of the platforms took a lot of time (pkgbuild for Mac, NSIS for Win, Bash for Lin). Getting the JRE GUI bugs worked out took a bit of hacking too -- but we made the transition. Getting support on Edge, IE11, Firefox took some very specific hacking (cert install, loopback rules, etc) but we can finally say we support them all.
Security was a tough decision. We rolled out our own certificate process for determining what message to our app are "trusted", by becoming a mini-CA and rolling our own amazon hosted CRL for revocations (overkill for most projects, but we talk directly to hardware and need to prevent unsolicited garbage). Websocket over HTTPS support was (and continues to be) a complicated process due to mixed content warnings in most browsers (we have this working BTW). Some of our NPAPI customers aren't happy with the new step of installing our software (and Java), so we may port to C++ eventually, but we aren't ready to switch our codebase just yet. If the browser is old and doesn't support websockets, we still fallback on the NPAPI code until this transition is over.
Why am I mentioning all of this? Well... because like other open source projects, we can learn from eachother and make our products stronger in a time of stress/struggle (for those products still being maintained of course. Rather than shamelessly plugging a piece of software noone wants, I'll offer a conversation instead. I'd be happy to chat about this on IRC, email, phone or IM whatever. tres at qz dot io, outliving this NPAPI obstacle. :)
Now I just need my bank to conform to Mozilla's timetable and scrap it's NPAPI based smartcard access plugin by then... Like that's gonna happen...
A lot of my schools use old resources on the web that require things like Java, Flash and Silverlight. What's the alternative, just keep them on really old versions of Chrome/Firefox/Opera?