Premature blocking of Adobe Flash Player continues in FF 70
I am going to keep saying this until someone in the development area responds with a REASONABLE reply.
Starting with FF 69, there is no way to allow Flash to run without being authorized for EVERY site, EVERY time one visits it. The developers have cited the fact that Flash itself will be discontinued by Adobe at the end of 2020 as justification for this. That is still over a year away and I see this move as very premature AND very user-UNfriendly.
It has been less than a month since FF 69 and I am already tired of having to authorize the plugin every day on the three remaining sites (that I visit daily) which still require Flash because they have not upgraded to HTML5. While I understand completely that this is an industry-wide matter -- that Adobe itself will discontinue support for Flash -- Firefox's developers have made the (IMHO) absurd decision to inconvenience users more than a year before this move became necessary.
What I would like to see is, when the pull-down menu from the "Lego block" displays, is an option under "Allow" to let the user designate "Always allow for this site". Once coded, it would never need to be removed, because as sites do convert to HTML5 there would no longer be a "trigger" for the Flash plugin.
PLEASE, those of you developers who made the change in FF 69, do not perpetuate the image we all have of you as being heavy-handed and uncaring about Firefox users. Make our lives easier while we wait for our favorite sites to upgrade. Let us allow Flash to run, only on our specific sites, without a daily inconvenience.
Admit you "jumped the gun" and do the right thing by us.
Additional System Details
- Shockwave Flash 32.0 r0
- User Agent: Mozilla/5.0 (Windows NT 6.1; rv:70.0) Gecko/20100101 Firefox/70.0
In Firefox 70 you can allow Flash for a specific domain for the current session (i.e. if you click Allow then Flash will be allowed until you click Block or close Firefox).
You can't allow Flash for all websites, you need to click allow for every domain.
Thanks, but I already knew that. I want Firefox to "keep" the permission for a specific domain for future sessions without having to authorize it every session.
As I said, there are three domains that I visit daily and it is already a PITA to have to allow Flash every day for them.
I am not asking to go back to the old setting option to always allow Flash across all domains, but I do want to always allow it at specific domains.
In Firefox 70 you can allow Flash for a specific domain for the current session (i.e. if you click Allow then Flash will be allowed until you click Block or close Firefox). You can't allow Flash for all websites, you need to click allow for every domain.
Even though this was not the answer you were looking for, this is unfortunately the best you'll get at this point. Flash has been listed as increasingly vulnerable by Adobe and Mozilla for months (if not years at this point. Thus I would not expect any further developments to come from Mozilla as Flash is slowly phased out.
Then I will just have to repeat myself every time a new release comes out without that functionality until either Mozilla bans me or the developers are shamed into admitting they acted too soon before the Flash cutoff and created inconvenience for Firefox users.
As I said, I understand what is happening. I simply believe the developers went about planning for the pending demise of Flash heavy-handedly and acted prematurely.
Modified by Kymber
Look you may think it is still as much as 12-14 months away when in reality the Flash player Plugin will not run in Releases starting in early next year. After that the then current Firefox ESR may be the only one still allowing the Flash Player Plugin to even run.
It is not a recent decision as Adobe made the announcement way back in July 2017 and Mozilla made their plans then also along with other companies on use of Flash in their web browsers.
Many websites have since changed to HTML5 for video, audio and games whether as primary or secondary since. For example Youtube and Twitch switched to HTML5 long ago. HTML5 is much more cross platform compared to the more limited devices supported by Adobe with Flash.
Please, Mr. Moderator, do not "talk down" to me. I have already acknowledged that HTML5 is replacing Flash. And yes, it would be a good thing if the remaining sites converted to HTML5 sooner. But they aren't all rushing to convert and that means Flash support may well still be needed as early as the beginning of 2020.
Neither you nor I can accurately predict when the three sites I visit daily will convert. I'm sure that when they do Firefox will shift effortlessly, just as it did for YouTube, et al.
What I am saying is that, given that Mozilla cannot force sites to switch over early, the continued seamless (as in not having to authorize every session) operation of the Flash plugin needs to be maintained until every site that uses it has converted to HTML5.
Removing the seamlessness does nothing to hasten the adoption of HTML5. If Mozilla's developers think they are forcing the hands of the website owners by doing this, it is obvious they were mistaken.
You are either reading things I did not say into this (such as your presumption that I think this was a recent decision) or you think talking down to me somehow makes my issue and opinion on same invalid. Neither is the case, and I politely suggest that moderators (I have been one at other sites) need to adopt a less forceful and hostile tone of voice.
Blocking Flash and forcing the user to acknowledge their decision to take on the risk of using Flash is in line with a policy of security and privacy. In my opinion, this kind of thing is why users of Firefox choose this browser. It is possible for a user to enable Flash, but it is equally likely that a malicious actor would take advantage of that security risk.
On the other hand, not allowing a user to customize their own experience does come off as user-unfriendly. However, I can't imagine that the purpose of the change to disallow Flash was a conspiracy to force web developers into submission since every browser is eventually going to go the same route. The developers of Firefox are pioneers of security and privacy in this regard.
If the website were to exploit Flash to cause harm to a user's computer, who would the user blame? Hopefully, it's the website creator, but if the browser is providing the website creator with the ability to exploit in the first place, then the browser developer has not done their due diligence to protect the user. All the risk of a malicious actor exploiting Flash is on Firefox. The web browser must be able to deliver content in a standards-based, reliable fashion, but cannot compromise the security of its users in the process.
Perhaps the developers of Firefox are not the ones worthy of this complaint, but rather the developers of the websites that choose to expose their users to insecure technology. What will the website developers do when Flash is no longer supported at all?
If this were a priority for a majority of Firefox users, I'd wager that this thread and others like it would have more support.
There is a lot of wisdom in that thoughtful reply, but I think I can rebut your last statement using the same reasonable logic you used earlier.
I believe that the majority -- even the vast majority -- of Firefox users don't even know that this forum exists. To them, it's just the browser they use to surf the Net, and most of them won't even speak up when a change inconveniences them ... if it bothers them enough, they will seek an alternative. That follows the same thought process about the website owners being responsible but the browser being blamed.
What will the website developers do when Flash is not supported by any browser, as indeed will be the case in a little over a year? Hopefully they will act before then, but if not then there is no one left to blame.
However, that is still more than a year off. My suggestion is still more secure and more protective of users than was the previous setting that allowed Flash to be automatically allowed anywhere that had Flash. It is not intended to be anything but an interim user convenience, activated only on a domain-by-domain basis by the users, and it would obsolete itself at the end of next year.
I believe it to be a balance between user-friendliness and the need for security. I refuse to accept any answer that implies that the balance has to unequivocally be tilted entirely away from the former due to the need for the latter.
Understood, and thank you. I appreciate that users like you are doing what they can to provide a better user experience for users that have no idea the forums exist!
I agree that it is a very fine line to draw in this case between user-friendliness and security. I also agree that it does seem to tilt towards security at the cost of a user's experience.
I believe you should continue making your request with the hope that eventually a solution comes your way.
That said, I do still believe that Firefox is made for users seeking an experience like the one being provided. In my experience Firefox has failed to render a usable web page on many occasions, but in virtually all of those cases it was due to Firefox's forward-thinking and the website developer's lag in compliance. This kind of thing is generally why I choose Firefox.
I will keep an eye out for a better solution for you and update this thread (or your next) if I find one.