Closed Bug 1363713 Opened 7 years ago Closed 7 years ago

SWFObject loads Flash transiently to test its version and triggers the plugin infobar

Categories

(Core Graveyard :: Plug-ins, defect)

Product:
Core Graveyard
Component:
Plug-ins
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: benjamin, Assigned: alexical)

References

Details

User Story

Specification of behavior:
* when Flash marked click-to-activate
** any <object> which would have no data (no nsIObjectLoadingContent.srcURI) should not trigger any click-to-play behavior and should always use fallback content
* When Flash is active for a site
** Flash with no data should instantiate as it does today (otherwise swfobject would break)
The SWFObject library is used extensively throughout the web as a wrapper for instantiating Flash on various browsers. It has a function that it runs at startup `testPlayerVersion` which checks the Flash version by creating an "empty" Flash instance (no data).

https://github.com/swfobject/swfobject/blob/master/swfobject/src/swfobject.js#L188

This triggers the plugin infobar in every case and seems to be one of the most common reasons for seeing the infobar.

My initial suggestion was (is?) that we should never instantiate a Flash <object> with no data. However, I think that might cause a regression because I believe Flash supports the following syntax:

<object type="application/x-shockwave-flash">
  <param name="movie" value="something.swf">
</object>

If this is the only special case, I'm willing to add a check for that specifically and otherwise suppress Flash. But this should be controlled with a pref.

Felipe/doug, is it possible that we could at least suppress the infobar for this case within the shield study?

Example of this in practice: https://web.bet9ja.com/Sport/Default.aspx (but I'm seeing this perhaps even on facebook as well).
Flags: needinfo?(felipc)
Flags: needinfo?(dothayer)
ok, I'm luckily incorrect. The <param name="movie"> syntax is IE-only, and Firefox has always required data="". See http://benjamin.smedbergs.us/tests/ctptests/flash-movie.html for tests and I've also verified via Adobe documentation.

I'm putting a behavior specification in the user story; qdot can you look over the specification? And then I'm looking for a person to pick this up.
User Story: (updated)
Flags: needinfo?(kyle)
It would be very simple to add this to the prefer fallback code, and I can do that work. But that is C++ code that can't be applied from the addon.

From the addon, I don't know how we could do it.. It would probably be very hacky.. But I'll leave the question/needinfo for dthayer to see if he has ideas.
Flags: needinfo?(felipc)
Blocks: flash-click-to-play, flashstudy
We've had the object/param problem sitting for a while (like, 8 years? :) ) at bug 517440, I just haven't had a chance to take care of it yet.

Behavior specification looks fine to me. Not the first time we've run afoul of swfobject. :/
Flags: needinfo?(kyle)
I've got a solution that seems to be working pretty well to resolve this. It's not pretty, but it should get the job done.

Felipe, could you review?

https://github.com/squarewave/shield-study-essential-flash/commit/6076a2bb45b082ff1947579e8754e7b6da2b7a47
Flags: needinfo?(dothayer) → needinfo?(felipc)
Will this be too aggressive if there are multiple Flash instances which trigger the infobar, and this case is just one of them?
The patch accounts for that. Any other Flash instances cause us to abort the interception.
Clearing NI for Felipe since he reviewed it here: https://github.com/squarewave/shield-study-essential-flash/commit/7aec1d988f467dbe2fab007a27754e2cf8ad0268
Flags: needinfo?(felipc)
There should be data in now from users with this fix. Per the repeated ping data bug, you should be able to identify the pings by checking that "version" in the payload is set to 1.
Resolving this one as related to the add-on side of it. Felipe is creating a new bug to track the fix that we'll land in tree.
Assignee: nobody → dothayer
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Product: Core → Core Graveyard
You need to log in before you can comment on or make changes to this bug.