Mozilla in four weeks will bar plug-ins built using a decades-old technology from Firefox, ending a years-long process designed to make the browser more secure.
The single exception to the ban: Adobe's Flash Player, which will continue to run, with limitations, in Firefox.
Mozilla's plug-in prohibition will apply to NPAPI plug-ins, (Netscape Plug-in Application Programming Interface) a standard that harks back to Netscape, the 1990s browser that Microsoft buried in its antitrust-triggering battle over the browser market. NPAPI was long the plug-in default, but has now been blocked or barred from most browsers.
Google banned NPAPI plug-ins from Chrome in 2015 and Opera Software followed suit last year in its flagship Opera browser, while Microsoft's Internet Explorer (IE) has always called on its own proprietary ActiveX architecture. (Edge, IE's successor, never supported ActiveX.) And although Apple's Safari still supports NPAPI plug-ins, the browser has aggressively deprecated their use; Safari now blocks plug-ins from launching automatically, for example.
Browser makers have characterized the elimination of NPAPI plug-ins as a security and stability move meant to improve anti-hacking defenses and keep the application up and running.
Firefox 52, which has a ship date of March 7, is the first version of Mozilla's browser that will drop support for NPAPI plug-ins, with the sole exception of Flash, noted Michael Kaply, a consultant who specializes in customizing Firefox for businesses. Last year, Mozilla had pegged March 2017 for the end of NPAPI support.
Firefox 51, which Mozilla released Jan. 24, was thus the last version including NPAPI support. Users who need to continue running NPAPI plug-ins after March 7, said Kaply, should switch to Mozilla's ESR (Extended Support Release) track, a build channel supported for approximately a year. In a post to his blog, Kaply spelled out instructions for switching to Firefox ESR.
While Flash will be the only exemption to the NPAPI ban, Firefox has already limited the popular plug-in. Mozilla plans to expand the restrictions this year, ultimately requiring users to explicitly approve Flash for any reason by any website.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.