VP6 is used in quite a few ads, and we can't tell beforehand whether it is or not. To not completely break these ads, we should build a video player that we can embed instead of a <video> element and that we communicate with via ExternalInterface. This SWF would do absolutely nothing except for playing a video stream we pass in, so it wouldn't create a huge added attack surface.
Summary: Create a bare-bones SWF-based video player to use as a VP6 fallback → Create a bare-bones SWF-based video player to polyfill VP6 fallback using the Flash plugin
Yury is working on the VP6 polyfill.
Assignee: nobody → ydelendik
See Also: → https://github.com/mozilla/shumway/pull/2267
This bug doesn't need to block M4 because we can (try to) avoid whitelisting ad domains that serve videos.
3 years ago
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.