Statement on Google Chrome Phasing Out the NPAPI Plug-In Interface

This week, the Google Chrome team announced it is phasing out the NPAPI plug-in interface, which has a direct impact on the functionality of major browsers plugins. Since it migrated from the NPAPI interface to the modern Pepper Plugin API (PPAPI), Adobe Flash Player is not affected by this change.

Video-specific functionality such as Adobe Primetime DRM (formerly Adobe Access) and Adobe Primetime Player SDKs are also not affected. There is no migration work required, as Chrome browser users have already been using the PPAPI version of Adobe Flash Player.

Chrome browser users will automatically receive new features and security updates due to the integration of Adobe Flash Player with Chrome, which permits seamless background updates.

For DRM-related questions or feedback, please visit the Adobe Primetime Community Forum.

On Improving Privacy: Managing Local Storage in Flash Player

Adobe Flash Player delivers some of the most compelling, interactive experiences on the web. The team works hard to add new features and push Flash Player capabilities so designers and developers can make the richest content available. We’re also committed to continuously improving Flash Player in less conspicuous areas, such as privacy. Privacy is a hot topic, and there are good reasons it’s on many people’s minds, so we wanted to share some of the work we’re doing to help you protect your privacy.

Some of the Flash Player team’s privacy efforts are happening around a feature of Flash Player called “local storage” (often called local shared objects or LSOs, and sometimes incorrectly referred to as “Flash cookies”). Local storage is required functionality to provide the quality web experience you expect from today’s rich Internet applications (RIAs). It is used by a number of Web technologies, including Flash Player and similar plugin technologies, as well as browsers that support HTML5.

Why is local storage helpful for web apps? Using local storage means information doesn’t need to be stored on a website’s servers. Instead, small amounts of information are stored locally, on the user’s computer. For Flash Player, the default amount of disk storage space is minimal – the LSO is at most three-hundredths the size of a typical MP3. Local storage can be used to allow you to save your website or app login details, site history, or form information so that you can avoid retyping data the next time you visit. Local storage allows you to store work in progress from a photo editor or productivity app, for example. Local storage is also the feature that helps your computer or device remember that you like the volume turned down when you watch videos of your favorite TV show on YouTube, or a video website can show you your most recently viewed playlist without requiring a user account or login. This kind of helpful productivity data is saved on your computer, and Flash Player protects this information so that only the exact website that saved that information can access it.

Since local storage allows sites and apps to remember information, there are concerns about the use of local storage to store tracking information – or of greater concern, to restore tracking information to a browser cookie that a user has intentionally deleted. This use of local data storage has raised questions about privacy. So we’re continually working to make sure that users have better control over the local data stored by applications running in Flash Player.

Most recently, we’ve been collaborating with browser vendors to integrate LSO management with the browser UI. The first capability, one that we believe will have the greatest immediate impact, is to allow users to clear LSOs (and any local storage, such as that of HTML5 and other plugin technologies) from the browser settings interface—similar to how users can clear their browser cookies today. Representatives from several key companies, including Adobe, Mozilla and Google have been working together to define a new browser API (NPAPI ClearSiteData) for clearing local data, which was approved for implementation on January 5, 2011. Any browser that implements the API will be able to clear local storage for any plugin that also implements the API.

Keep your eye on the Google Chrome dev channel to see this feature show up in the coming weeks.

We expect other vendors to be rolling out support for this capability in the near future, and we will continue to work on additional capabilities to improve user privacy in partnership with browser vendors.

The ability to clear local storage from the browser extends the work we did in Flash Player 10.1, which launched with a new private browsing feature integrated with the private browsing mode in major browsers, including Google Chrome, Mozilla’s Firefox, Microsoft’s Internet Explorer, and Apple’s Safari. When you are in a private browsing mode session in your browser, Flash Player will automatically delete any local storage that was written by websites during that browser session once the browser is closed. This ensures that Flash Player can’t be used to store any history or other information from your private session. In striving to ensure a great user experience, we’ve made this seamless and automatic for the user.

Finally, you will soon see improvements to the Flash Player Settings Manager. Since local storage functionality was first introduced, users have been able to fully control their local storage settings using the online version of the Flash Player Settings Manager. By right-clicking on any content that is written for Flash Player, and selecting “Global Settings…” (or by visiting the Flash Player Settings Manager directly), you can customize which sites, if any, are allowed to use local storage. You can even turn local storage off entirely, if you don’t feel you need the functionality for things such as saving game data or your preferences on websites. If you’d like to turn it off just click on “Global Storage Settings panel,” drag the storage amount slider to “None” and select “Never Ask Again.”

Still, we know the Flash Player Settings Manager could be easier to use, and we’re working on a redesign coming in a future release of Flash Player, which will bring together feedback from our users and external privacy advocates. Focused on usability, this redesign will make it simpler for users to understand and manage their Flash Player settings and privacy preferences. In addition, we’ll enable you to access the Flash Player Settings Manager directly from your computer’s Control Panels or System Preferences on Windows, Mac and Linux, so that they’re even easier to locate and use. We expect users will see these enhancements in the first half of the year and we look forward to getting feedback as we continue to improve the Flash Player Settings Manager.

These local storage improvements will give you better control over the information stored on your computer and are part of our ongoing efforts to help you manage your privacy.

Emmy Huang
Group Product Manager, Flash Player

Flash Player and Chrome Integration is a Go!

Per our announcement in March about working with Google to integrate Flash Player into Google Chrome — the initial phase is now complete. When users install or update the Chrome browser, they will also receive the latest version of Adobe Flash Player with no need to do a separate install. Our hope is that the integration between Flash Player and the Chrome browser will serve as a showcase for more consistent, seamless, and intuitive Web browsing experiences. We feel that this work by both Google and Adobe will benefit the entire community of developers and end-users. Read more about the integration from the Chrome team on their blog.

Additionally, as we discussed previously in our original announcement of the Flash Player and Chrome integration, work is underway on a new API called Pepper that can provide a more robust way for Web browsers and plug-ins to interact with each other. We welcome and encourage others to participate in the definition and development of the Pepper API.

Flash Player in Chrome, An Update

As we recently announced, we’re working with Google to integrate Flash Player into Google Chrome so that when users install or update the browser, they will also receive the latest version of Adobe Flash Player, with no need to do a separate install.

Chrome 5.0 and Flash Player 10.1 have been in beta testing together for the last several weeks. Now as we are preparing our final releases, Google is locking down Chrome 5.0 first, without the beta version of Flash Player 10.1 built-in (since the plug-in will still be in beta when Chrome 5.0 ships). Once we finalize Flash Player 10.1, it will be reintegrated into Chrome shortly.

In the meantime, if you download the latest build of Chrome, the integrated Flash Player will not be enabled by default (though it is still available behind the “-enable-internal-flash” command line flag). However, if you have a version of Flash Player on your system for other plugin-based browsers, Chrome will automatically use the shared version of Flash Player.

Flash Player and Chrome Sitting in a Tree

TechCruch just posted about the news that Adobe and Google are going to be collaborating a bit around Chrome and the Flash Player. The basic gist is that Chrome will start integrating the Flash Player directly into the browser so that users will always have the most up to date versions and anyone who downloads Chrome won’t need to also install the Flash Player. I think that’s good, but the much bigger news in my opinion, is that we’re working with Chrome and Mozilla to revamp the plugin architecture. This has huge implications.

We’ve been using an old-school plugin model for a long time. In fact NPAPI, the plugin interface, stands for Netscape Plugin Application Programming Interface. And as the Wikipedia entry states, it’s so sucessful because it’s so simple. The API basically lets plugins associate themselves with a content type (like a SWF file) and then puts that plugin in charge of all the rendering. There’s not a lot of integration between the plugin and the content in the browser which means the plugin lives in its own little world and it’s tough to break out. You can do things like ExternalInterface but it’s still pretty hacky.

But under this new plug-in, we’ll have much closer integration at the browser level. There’s a great summary of what this means at the Chromium blog:

Improving the traditional browser plug-in model will make it possible for plug-ins to be just as fast, stable, and secure as the browser’s HTML and JavaScript engines. Over time this will enable HTML, Flash, and other plug-ins to be used together more seamlessly in rendering and scripting.

Think better access to the hardware APIs via this new plug-in model, better access to the DOM, and a generally much better, more stable experience. The Flash Player in the browser has always felt a little like a black box largely because ofthe constraints in the plugin model. Certain things didn’t work quite as you’d expect in a regular HTML site. Hopefully this changes that. In theory this could make it possible to use the save-password feature with your Flex/Flash apps, or make Flash SEO a lot easier, and it allows us to innovate around HTML-Flash integration. If you’ve used AIR, you’ve seen what’s possible when you have complete control over both technologies. This new plugin work makes that easier to do across all browsers that support it. I don’t know when/if we’ll see it, but it’s easier now.

Another benefit is that the API is going to be OS and Browser neutral so you won’t see such wildly different performance on different platforms. The hooks that we can use to make the browsing experience better will work across all of the browsers that support the new plugin across all of the operating systems.

Improved Flash Player Support in Chrome

The Flash Platform has a long history of delivering Web innovation, and core to the Platform is Adobe Flash Player, our browser-based application runtime. Today, Flash Player is installed on nearly all Internet-connected desktops worldwide, and delivers rich content and interactive Web applications to a rapidly growing number of smartphones, tablets and netbooks. We continue to advance Flash Player through both my team’s work and through the contributions of the Open Screen Project, which includes almost 70 industry partners.

Google is a key participant in the Open Screen Project and shares our commitment to driving innovation on the Web. With this common goal in mind, Adobe and Google are collaborating to take the Flash Player experience to the next level by supporting a deeper integration with Google’s Chrome browser. Today, Google is releasing the initial integration of Flash Player with Chrome in their developer channel, behind a command line flag. Moving forward, Google will be including Flash Player in Chrome so users will always have the most current release and a safer and more seamless experience. To learn more about this integration you can visit the Chromium Blog.

Additionally, we are also working with Google, Mozilla, and the broader community on a new API that can provide a better way for all Web browsers and plug-ins to interact with each other. While the current NPAPI has served the industry well, it lacks the flexibility and power to support the pace of innovation we see ahead. We expect that the new API specification will offer some distinct benefits over the current technology available.

  • The API will be operating system and browser-neutral, minimizing the chance of inconsistent behavior across platforms.
  • The new API is being designed with the flexibility to allow plug-ins to more tightly integrate with host browsers.
  • The new plug-in API will provide performance benefits since the host browser will be able to directly share more information about its current state.
  • The tighter integration provided by the API can allow for a more secure browsing experience as it will be easier to unify security models and collaborate on security techniques, such as sandboxing.

We welcome and encourage the participation in the definition and development of this new API. To read more about this project, visit this page.

Our hope is that the robust integration between Chrome and Flash Player will serve as a showcase for more consistent, seamless, and efficient Web browsing experiences. We feel that this significant effort by both Google and Adobe will directly improve the speed of innovation and move the Web forward, benefiting the entire community of developers and end-users.

Paul Betlem
Sr. Director, Flash Player Engineering

Google and Adobe bringing improved Flash Player support in Chrome

There’s been lot of buzz in the blogs about this over the last 24 hours. Now, the news is official: Google and Adobe are bringing improved Flash Player support in Chrome.
Paul Betlem: Today, Google is releasing the initial integration of Flash Player with Chrome in their developer channel (behind a command line flag). Moving forward, […]

Google joins the Open Screen Project

Recently you probably noticed that I’ve been working on Android a little, and for good reason of course.  Though it would be easy to focus this post on Android, let’s just look at some of the places where Google use Flash today.

  • Youtube
  • Google Maps
  • Site Search
  • Web Search
  • Chrome / OS

So you see Flash is everywhere at Google and we’ve been working together for years to build upon this relationship.  Google joining the Open Screen Project may seem like a matter of course given our demo’s last year and given their investments in the Flash Platform.

In the past few months we’ve seen stellar device launches from HTC and Motorola using Android.  Those of you with beady eyes will also have spotted others from Sony Ericsson and “others” coming down the pipe soon.

I want ALL of them, but might stick to the Hero for now.

Oh, in case they’re watching.  Dear HTC, please fix the SSL certificates for Exchange email eh?

Google Team, welcome to the Open Screen Project