Closed
Bug 1363713
Opened 7 years ago
Closed 7 years ago
SWFObject loads Flash transiently to test its version and triggers the plugin infobar
Categories
(Core Graveyard :: Plug-ins, defect)
Core Graveyard
Plug-ins
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: benjamin, Assigned: alexical)
References
Details
User Story
Specification of behavior: * when Flash marked click-to-activate ** any <object> which would have no data (no nsIObjectLoadingContent.srcURI) should not trigger any click-to-play behavior and should always use fallback content * When Flash is active for a site ** Flash with no data should instantiate as it does today (otherwise swfobject would break)
The SWFObject library is used extensively throughout the web as a wrapper for instantiating Flash on various browsers. It has a function that it runs at startup `testPlayerVersion` which checks the Flash version by creating an "empty" Flash instance (no data). https://github.com/swfobject/swfobject/blob/master/swfobject/src/swfobject.js#L188 This triggers the plugin infobar in every case and seems to be one of the most common reasons for seeing the infobar. My initial suggestion was (is?) that we should never instantiate a Flash <object> with no data. However, I think that might cause a regression because I believe Flash supports the following syntax: <object type="application/x-shockwave-flash"> <param name="movie" value="something.swf"> </object> If this is the only special case, I'm willing to add a check for that specifically and otherwise suppress Flash. But this should be controlled with a pref. Felipe/doug, is it possible that we could at least suppress the infobar for this case within the shield study? Example of this in practice: https://web.bet9ja.com/Sport/Default.aspx (but I'm seeing this perhaps even on facebook as well).
Flags: needinfo?(felipc)
Flags: needinfo?(dothayer)
Reporter | ||
Comment 1•7 years ago
|
||
ok, I'm luckily incorrect. The <param name="movie"> syntax is IE-only, and Firefox has always required data="". See http://benjamin.smedbergs.us/tests/ctptests/flash-movie.html for tests and I've also verified via Adobe documentation. I'm putting a behavior specification in the user story; qdot can you look over the specification? And then I'm looking for a person to pick this up.
User Story: (updated)
Reporter | ||
Updated•7 years ago
|
Flags: needinfo?(kyle)
Comment 2•7 years ago
|
||
It would be very simple to add this to the prefer fallback code, and I can do that work. But that is C++ code that can't be applied from the addon. From the addon, I don't know how we could do it.. It would probably be very hacky.. But I'll leave the question/needinfo for dthayer to see if he has ideas.
Flags: needinfo?(felipc)
Reporter | ||
Updated•7 years ago
|
Blocks: flash-click-to-play, flashstudy
Comment 3•7 years ago
|
||
We've had the object/param problem sitting for a while (like, 8 years? :) ) at bug 517440, I just haven't had a chance to take care of it yet. Behavior specification looks fine to me. Not the first time we've run afoul of swfobject. :/
Flags: needinfo?(kyle)
Assignee | ||
Comment 4•7 years ago
|
||
I've got a solution that seems to be working pretty well to resolve this. It's not pretty, but it should get the job done. Felipe, could you review? https://github.com/squarewave/shield-study-essential-flash/commit/6076a2bb45b082ff1947579e8754e7b6da2b7a47
Flags: needinfo?(dothayer) → needinfo?(felipc)
Reporter | ||
Comment 5•7 years ago
|
||
Will this be too aggressive if there are multiple Flash instances which trigger the infobar, and this case is just one of them?
Assignee | ||
Comment 6•7 years ago
|
||
The patch accounts for that. Any other Flash instances cause us to abort the interception.
Assignee | ||
Comment 7•7 years ago
|
||
Clearing NI for Felipe since he reviewed it here: https://github.com/squarewave/shield-study-essential-flash/commit/7aec1d988f467dbe2fab007a27754e2cf8ad0268
Flags: needinfo?(felipc)
Assignee | ||
Comment 8•7 years ago
|
||
There should be data in now from users with this fix. Per the repeated ping data bug, you should be able to identify the pings by checking that "version" in the payload is set to 1.
Assignee | ||
Comment 9•7 years ago
|
||
Resolving this one as related to the add-on side of it. Felipe is creating a new bug to track the fix that we'll land in tree.
Assignee: nobody → dothayer
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
Updated•2 years ago
|
Product: Core → Core Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•