Browser Plug-Ins: The Decline and What's Next
The Decline of Browser Plug-ins
The era of browser plug-ins is drawing to a close. Apple’s iOS platform has consistently lacked support for these components. Furthermore, the Android operating system has already ceased support for Flash, and recent iterations of Internet Explorer on Windows 8 exhibit limited compatibility with many plug-ins.
Chrome is also preparing to phase out traditional NPAPI browser plug-ins in the near future. This shift indicates a broader trend within the web development landscape.
Why Plug-ins Are Becoming Obsolete
This transition doesn't signify a reduction in web capabilities. Rather, it represents a positive evolution. The removal of browser plug-ins is driven by legitimate concerns, and the web experience will ultimately improve as a result.
Browser developers are actively incorporating the functionalities previously provided by plug-ins directly into the browsers themselves. This integration streamlines the user experience and enhances security.
Distinction Between Plug-ins and Extensions
It’s important to clarify that this change specifically targets plug-ins, not extensions or add-ons. Plug-ins, such as Flash, Silverlight, and the notoriously vulnerable Java plug-in, operate directly within websites.
Extensions and add-ons function differently and are not affected by these changes. They typically enhance browser functionality rather than executing code from external sources.
The focus is on eliminating technologies that pose security risks and hinder the performance of modern web standards.
The Genesis of Browser Plug-ins
The initial development of browser plug-ins was driven by a significant need. Browsers, in their early stages, lacked many functionalities. Furthermore, progress in browser technology eventually slowed considerably.
Microsoft’s Internet Explorer 6, launched alongside Windows XP in 2001, exemplifies this stagnation. Having achieved dominance in the browser market, Microsoft redirected its development resources away from Internet Explorer, effectively halting its advancement.
The subsequent version, IE 7, didn't appear until 2006 – a span of over five years. Even IE 8, released in 2009, represented only incremental improvements over its predecessor, IE 6.
A Period of Browser Stagnation
For more than five years, the majority of web users experienced a standstill in browser development. This lack of innovation presented a valuable opportunity for plug-in developers to address existing gaps.
Adobe’s Flash Player, for instance, expanded its capabilities to encompass video playback alongside animations and other interactive elements. Microsoft responded with Silverlight in 2007, designed to offer comparable streaming media and animation support – essentially a direct competitor to Flash.
Numerous other plug-ins emerged to augment browser functionality. The Unity plug-in enabled 3D graphics rendering, while the Google Voice and Video plug-in facilitated access to Google Hangouts and Talk services via a user’s microphone and webcam.
Filling Functional Gaps
Even prior to the prolonged stagnation of Internet Explorer 6, browser plug-ins were employed to introduce features absent in the browsers themselves. Many long-time internet users will recall encountering video playback pages that prompted them to select between Windows Media Player, QuickTime, or RealPlayer.
These three disparate plug-ins represented different approaches to enabling video playback on the web. A native, browser-integrated video playback capability, or a universal standard, was simply unavailable at the time. Eventually, Flash became the de facto standard, but we are now transitioning away from its use.
The Drawbacks of Browser Plug-ins
Browser plug-ins have consistently presented challenges within the web environment. Several significant issues contribute to their declining usability.
Further Reading: Java Presents Security Risks and Should Be Disabled – Here's How
- Security Vulnerabilities: Browser plug-ins have historically demonstrated a weaker security profile compared to web browsers themselves. Flash and Java, in particular, represent substantial entry points for malicious attacks. This risk is amplified by the widespread use of identical plug-in versions across diverse browsers and operating systems. Consequently, a single exploit targeting a plug-in can potentially affect all users, regardless of their system configuration.
- Lack of Sandboxing: Security concerns are exacerbated by the absence of sandboxing in traditional browser plug-ins utilizing NPAPI (Netscape Plugin Application Programming Interface) or ActiveX. These plug-ins possess unrestricted access to the user's entire account and operating system privileges. A security breach within the plug-in can therefore compromise the entire operating system. Modern browsers, conversely, operate within a sandbox, making it more difficult for malicious code to escape. Chrome’s PPAPI (Pepper API) offers sandboxing for plug-ins, and recent Flash versions for Chrome leverage this API instead of NPAPI.
- Cross-Platform Compatibility Issues: Plug-ins are typically developed by a single vendor, resulting in a singular implementation that supports only the vendor’s designated platforms. Consider the example of accessing Netflix on Linux; official support is unavailable due to Microsoft’s lack of Silverlight provision for Linux. Similarly, playing Flash games on an iPad is impossible, as Adobe Flash is not compatible with iOS. In both scenarios, developers of Linux or Apple cannot independently create support for these technologies. This contrasts with open web standards, which allow for multiple implementations by various developers.
- System Instability: Plug-ins have frequently been a primary cause of system crashes, with failures often leading to complete browser shutdowns. Fortunately, Chrome’s sandboxing and Firefox’s plug-in isolation now limit crashes to the plug-in itself. However, browser developers are reliant on plug-in developers to address these stability issues, as there is typically only one available version of a given plug-in.
The combination of security risks and the difficulties in ensuring consistent functionality across various mobile and desktop platforms explains the decreasing popularity of plug-ins. They represent external components within web browsers, rendering content in a distinct manner and lacking the seamless integration of standard HTML code.
The Evolution Beyond Browser Plug-ins
Historically, browser plug-ins facilitated parallel development and competition of web features, exemplified by the diverse landscape of video playback options. They also provided a means for third-party developers to enhance web page functionality during periods of slower browser innovation.
Currently, the web benefits from a dynamic environment of rapid browser advancements and standardized web technologies. A competitive browser market exists, and even Microsoft demonstrates a commitment to web standards, a departure from its past practices.
Related: 10 Things Your Web Browser Can Do That You Might Not Know.
Many functionalities previously reliant on plug-ins are now being integrated directly into browsers. Some of these features are already implemented, while others remain under development. Here’s a breakdown of what’s superseding the most prevalent plug-ins:
- Flash: Widely used for video playback and animations, Flash is increasingly being replaced by HTML5 video, as evidenced by platforms like YouTube’s transparent transition. New HTML5 capabilities are also addressing the animation needs once fulfilled by Flash.
- Java: Java is undergoing a phase-out due to security vulnerabilities inherent in its plug-in architecture – it presents significant security risks. The ability to embed entire programs within web pages, facilitated by Java, has proven problematic.
- Silverlight: Microsoft has ceased development of Silverlight, which currently supports video playback on a limited number of websites. Netflix, a major Silverlight user, is migrating to HTML5 video.
- Unity 3D: The Unity 3D plug-in enabled the embedding of 3D games on web pages. WebGL now makes 3D graphics possible without requiring any plug-ins.
- Google Earth Plug-in: Google has already superseded its Google Earth plug-in. A complete, interactive 3D Google Earth experience is now available within Google Maps using WebGL.
- Google Voice and Video: The Google Voice and Video plug-in remains necessary for Hangouts and Google Talk calls. However, it will be replaced by the WebRTC standard, enabling plug-in-free, real-time audio and video communication.
The integration of plug-in features directly into browsers will result in a more secure and robust web experience. While plug-ins are still functional, their obsolescence is imminent. They served a valuable purpose, but the web is evolving beyond them.
The Flash plug-in will persist for some time due to its widespread adoption, but other plug-ins are nearing irrelevance. Even Flash’s importance is diminishing with the rise of mobile platforms lacking Flash support. This transition is welcomed by many developers – Adobe now offers tools for exporting to HTML5, Oracle seeks to eliminate the security concerns associated with Java, and Microsoft has abandoned its pursuit of Silverlight as a Flash alternative.