Bug 738698 - (click-to-play) [meta] Users should have the ability to activate plugins on demand
Status: RESOLVED WORKSFORME
Keywords: meta, sec-want
Product: Firefox
Classification: Client Software
Component: General
Version: Trunk
Platform: All All
Importance: -- normal with 30 votes
Target Milestone: ---
Assigned To: Nobody; OK to take it and work on it
https://wiki.mozilla.org/Opt-in_activ...
Depends on: 785490 785836 801406 901451 902444 904222 949835 965757 1005302 1013813 549697 641892 711552 711618 736998 739575 742753 743060 743102 743429 744197 744534 744745 745187 746374 746859 746888 747105 747169 747312 747649 747796 748181 751528 751809 752228 752461 752477 752515 752516 753100 754472 754509 758968 760625 762805 765506 766946 767636 772897 774315 774937 775020 775246 775418 775709 775857 775858 775907 776264 776432 777238 777332 777337 777341 777741 779320 779662 779844 780517 781250 782121 782644 783245 783460 784135 785019 785070 787619 787758 789620 790241 790265 790483 792550 793338 795397 798003 798176 798623 800018 801480 804580 808312 809785 809792 809793 809858 809867 809903 810082 810086 811375 812182 812562 817249 818008 818009 818016 818118 818162 819972 819992 820054 820448 820497 820678 820708 821098 821892 822720 825438 825723 827290 830267 830559 831365 831757 831921 832445 833506 833809 834698 834918 835057 835929 836730 838106 838290 838999 840944 841304 841350 841472 842692 844725 847072 850269 852316 853615 853694 853855 853973 865809 865866 866935 867730 868016 868085 868091 869819 870227 873130 875724 876362 880735 883404 884560 CTP-perelement 889228 898876 899080 902219 902376 905082 905084 906451 906645 915951 917442 918021 918236 918673 918730 919139 921411 921730 923527 927392 932633 932666 932824 932832 932854 933935 934503 938460 941137 943383 952765 958965 959145 962007 967969 972237 972362 976769 982101 984724 989967 1005814 1008644
Blocks: 841895
Reported: 2012-03-23 10:35 PDT by Jared Wein [:jaws] (please needinfo? me)
Modified: 2016-04-14 10:58 PDT
CC List: 49 users
curtisk: sec‑review+
Description Jared Wein [:jaws] (please needinfo? me) 2012-03-23 10:35:03 PDT
Users should have the ability to activate plugins on demand. This is sometimes referred to as click-to-play plugins.
Comment 1 Curtis Koenig [:curtisk-use curtis.koenig+bzATgmail.com]] 2012-04-06 09:33:23 PDT
I think we are ready to schedule this one, the call for comments closed on 30-Mar as expected there was nothing too big.

link to discussion: https://groups.google.com/group/mozilla.dev.security/browse_thread/thread/893f729b420309ec#

Jared / Ian thoughts?
Comment 2 Ian Melven :imelven 2012-04-06 09:57:28 PDT
(In reply to Curtis Koenig [:curtisk] from comment #1)
> I think we are ready to schedule this one, the call for comments closed on
> 30-Mar as expected there was nothing too big.
> 
> link to discussion:
> https://groups.google.com/group/mozilla.dev.security/browse_thread/thread/
> 893f729b420309ec#
> 
> Jared / Ian thoughts?

What's currently implemented is a first pass on the feature and isn't intended to be enabled by default. I would prefer to wait until the feature is closer to what's described in the feature page. The feature page is currently being discussed in mozilla.dev.security and we met with UX yesterday to ask for input as well. If the review would be a design review, I would prefer this to happen in the mozilla.dev.security thread after people have reviewed the existing feature page. If the review is an implementation review, I would prefer this to wait until the feature is closer to what we have discussed shipping. I would encourage members of the security team to try this feature out in a nightly by flipping the pref when bug 711618 lands. This is all just my opinion though, very open to discussion :)
Comment 3 Willy_ Foo_Foo 2012-04-06 10:55:13 PDT
Thanks for this! too

I have also traded Flashblock for plugins.click_to_play;true

But by when will it be stable enough to test?
Will it have the option to control (enable on demand) for all types of plugins?
And what if, say, a page has two Flash player windows but I want to play only the second one?
Will it be possible? (Flashblock allows this)
Comment 4 Ian Melven :imelven 2012-04-06 11:21:13 PDT
(In reply to beelzebub360 from comment #3)

FYI you don't need to add the same comment to every click to play bug, this is the meta (main) click to play bug, which tracks the feature overall - other related bugs should be marked dependencies for it. 

> But by when will it be stable enough to test?

I saw that you already cc'd yourself on this bug and some of the other click to play bugs. Following the bugs will let you follow the progress of this feature (including it being enabled by default in a release of Firefox).

> Will it have the option to control (enable on demand) for all types of
> plugins?
> And what if, say, a page has two Flash player windows but I want to play only
> the second one?
> Will it be possible? (Flashblock allows this)

Please see https://wiki.mozilla.org/Opt-in_activation_for_plugins for the current proposal and feel free to comment on the spec on mozilla.dev.security where click to play is being discussed.
Comment 5 Willy_ Foo_Foo 2012-04-11 05:31:31 PDT
Guys, will this also be implemented so that ogg or web-m require to be clicked to be activated?
This is needed to stop loading unnecessary plugins on any page (inbuilt or external), especially under Linux,
and it also speeds up Firefox.
Comment 6 Ian Melven :imelven 2012-04-11 09:18:37 PDT
(In reply to beelzebub360 from comment #5)
> Guys, will this also be implemented so that ogg or web-m require to be
> clicked to be activated?
> This is needed to stop loading unnecessary plugins on any page (inbuilt or
> external), especially under Linux,
> and it also speeds up Firefox.

At the moment, as being discussed, it's only for plugins. You raise an interesting point, but I think that's a different issue/bug, perhaps.
Comment 7 Willy_ Foo_Foo 2012-04-11 11:25:36 PDT
(In reply to Ian Melven :imelven from comment #6)

> At the moment, as being discussed

Great. Hope it gets implemented.

> it's only for plugins.

Well, basically .ogg/webm etc. are plugins (internal maybe, if not external, which are not always required)
but are loaded (wasting bandwidth & resources).

Maybe not all, but some users need more security over running all plugins
&
desktops/mobiles need more resources, which might not always be available (if on an old system or using different codecs).

> You raise an interesting point

Thank you.

> but I think that's a different issue/bug, perhaps

Perhaps not, as using resources more efficiently & securely is one of the main motives of this feature.
Comment 8 Curtis Koenig [:curtisk-use curtis.koenig+bzATgmail.com]] 2012-04-11 12:30:42 PDT
When you all feel that this is ready for a security review please update bug 744534 and we will get it going.
Comment 9 Tony Mechelynck [:tonymec] 2012-04-17 06:58:53 PDT
Dupe of bug 711552?
Comment 10 David Keeler [:keeler] (use needinfo?) 2012-04-17 09:59:47 PDT
(In reply to Tony Mechelynck [:tonymec] from comment #9)
> Dupe of bug 711552?

Bug 711552 was for the user interface on desktop for click-to-play (there was another bug for mobile). This bug is an overall tracking bug for click-to-play, if I understand correctly.
Comment 11 mdew 2012-04-18 15:52:52 PDT
To avoid every Silverlight site issue from breaking, this should be resolved.

https://bugzilla.mozilla.org/show_bug.cgi?id=745378
Comment 12 Yunier J. 2012-04-19 12:58:05 PDT
Yes, it is very important that users can always decide whether to click to play plugins or simply play them. Flash and other plugins cause problems and we have to make a better Firefox.
There are several ways users could customize this. One way is to put a check button for click to play plugins in the Plugins tab of the Add-ons Manager.
Also, in the Content tab of Firefox Options, together with Block pop-up windows, Load images automatically and Enable JavaScript, we can add a check button for click to play plugins and a button so users can add exceptions for the sites they want to add (this would serve to show users a simple way to enable or disable it).
Comment 13 Mikko Rantalainen 2012-04-19 23:14:14 PDT
Depends bug 746888?
Comment 14 David E. Ross 2012-04-21 11:58:25 PDT
For end-users, the following capabilities might be very much desired.  

I would like to be able to white-list a plugin as always active without regard for what Web page I am viewing.  

I would like to be able to white-list a URI or an entire domain to activate all plugins.  

I would like to be able to black-list a Web page or an entire domain for a specific plugin, overriding the above white-lists.  

Finally, any indicator of a blocked plugin should be obvious but not hide any content on a Web page.
Comment 15 Willy_ Foo_Foo 2012-06-07 06:32:43 PDT
Click to Play Plugins should also block(enable on demand)
webm/ogg/mp3/vlc etc
Comment 16 Ian Melven :imelven 2012-06-13 12:13:06 PDT
(In reply to Pheonix from comment #15)
> Click to Play Plugins should also block(enable on demand)
> webm/ogg/mp3/vlc etc

These aren't always provided by plugins though... this would be a separate feature, particularly since we want click to play to help protect users against plugin vulnerabilities, which we can't fix ourselves.
Comment 17 alex_mayorga 2012-08-08 14:38:33 PDT
Was this broken by bug 745030 somehow?

On Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:17.0) Gecko/17.0 Firefox/17.0 ID:20120808030529 with Shockwave Flash 11.4.400.252 "click to play" UI no longer shows on http://www.adobe.com/software/flash/about/
Comment 18 David Keeler [:keeler] (use needinfo?) 2012-08-09 10:10:47 PDT
Alex - are you talking about the content that appears for a bit and then is replaced by a (non-flash) ad?
Comment 19 Matthew Turnbull [Bluefang] 2012-08-11 12:52:33 PDT
Yes. Flash content is activating immediately with click-to-play enabled.

Works: http://hg.mozilla.org/mozilla-central/rev/1bbc0b65dffb
Broken: http://hg.mozilla.org/mozilla-central/rev/e55638d4037a
Push log: http://hg.mozilla.org/mozilla-central/pushloghtml?fromchange=1bbc0b65dffb&tochange=e55638d4037a

I did some further debugging and found that the broken behavior is caused by a combination of the above change set and Adblock Plus (2.1.3a.3534).
Comment 20 David Keeler [:keeler] (use needinfo?) 2012-08-15 12:30:23 PDT
Matthew - that looks like bug 782644.
Comment 21 alex_mayorga 2012-08-20 09:11:37 PDT
(In reply to David Keeler from comment #18)
> Alex - are you talking about the content that appears for a bit and then is
> replaced by a (non-flash) ad?

No I was talking about the "Version Information" Flash box.

I still believe the refactoring of nsObjectLoadingContent on bug 745030 completely broke click to play =(
Comment 22 David Keeler [:keeler] (use needinfo?) 2012-08-20 09:18:59 PDT
Alex - looks like you might be encountering bug 782644.
With regard to bug 745030 - click to play was already broken by the complexity and difficult-to-maintain-ness of nsObjectLoadingContent. While the refactoring has caused some regressions, I think we're better off in the long run because we now have a better path forward using code that is easier to understand and improve.
Comment 23 alex_mayorga 2012-09-11 16:12:29 PDT
Missing "Lego brick" click-to-play UI at http://news.yahoo.com/blogs/trending-now/long-lost-renoir-masterpiece-found-among-junk-flea-170238665.html

Confirms anyone?
Comment 24 Loic 2012-09-11 16:18:33 PDT
(In reply to alex_mayorga from comment #23)
> Missing "Lego brick" click-to-play UI at
> http://news.yahoo.com/blogs/trending-now/long-lost-renoir-masterpiece-found-
> among-junk-flea-170238665.html
> 
> Confirms anyone?

Yahoo applies georestriction on its stream, so I guess it's pure HTML/JS. We see only the splash image before playing the Flash stream. In my case, I'm georestricted so I don't see the click-to-play overlay.
Comment 25 John Schoenick [:johns] 2012-09-11 17:35:16 PDT
(In reply to alex_mayorga from comment #23)
> Missing "Lego brick" click-to-play UI at
> http://news.yahoo.com/blogs/trending-now/long-lost-renoir-masterpiece-found-
> among-junk-flea-170238665.html
> 
> Confirms anyone?

I've noticed this, it's due to resizing plugin frames after they've switched to fallback. I filed bug 790483 for this, though it might be a dupe.
Comment 26 alex_mayorga 2012-09-26 07:37:00 PDT
Steps:
0. Enable "click to play"
1. Load http://www.vice.com/vice-news/the-mexican-mormon-war-part-1
2. Click on "Click here to activate plugin"

Result:
Nothing happens.
There's an error in error console:
[code]Error: ReferenceError: OAS_RICH is not defined
Source File: http://www.vice.com/vice-news/the-mexican-mormon-war-part-1
Line: 127[/code]

Expected results:
Plugin activates

Is this a site's or Nightly's bug?
Comment 27 David Keeler [:keeler] (use needinfo?) 2012-09-26 15:21:52 PDT
Alex - that looks like bug 790265 (which occurs when a site embeds content from another site that has "display: none" initially - which is different from (but very similar to) bug 741130).
Comment 28 alex_mayorga 2012-09-28 07:16:31 PDT
Another one that doesn't work on Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:18.0) Gecko/18.0 Firefox/18.0 ID:20120927030539

Steps:
0. Enable "click to play"
1. Load http://www.aztecanoticias.com.mx/capitulos/mexico/126079/marti-batres-choca-contra-puerta-en-san-lazaro
2. Click on "Click here to activate plugin"
3. Click "PLAY"

Result:
Nothing happens.
There's an error in error console:
Timestamp: 28/09/2012 09:15:51 a.m.
Error: ReferenceError: K10142 is not defined
Source File: http://www.aztecanoticias.com.mx/capitulos/mexico/126079/marti-batres-choca-contra-puerta-en-san-lazaro
Line: 1180

Expected results:
Video plays.

Is this a site's or Nightly's bug?
Comment 29 David Keeler [:keeler] (use needinfo?) 2012-09-28 12:56:19 PDT
Alex - I can't reproduce the bug you're seeing on that page. Maybe the page was recently updated?
(I'm assuming you were trying to click-to-play the main video, right?)
Comment 30 alex_mayorga 2012-10-03 08:36:19 PDT
David,

For me it doesn't work even in Safe-mode =(
Only other thing I can think of is that I've set Nightly to not accept 3rd party cookies, might that be?
Comment 31 alex_mayorga 2012-10-04 14:29:42 PDT
Another page that doesn't work with "click to play" FWIW

http://www.cetesdirecto.com/ninos/Cuento.html
Comment 32 alex_mayorga 2012-10-22 13:36:03 PDT
Glad to report that these now WFM on Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:19.0) Gecko/19.0 Firefox/19.0 ID:20121022030551

http://www.aztecanoticias.com.mx/capitulos/mexico/126079/marti-batres-choca-contra-puerta-en-san-lazaro
http://www.cetesdirecto.com/ninos/Cuento.html

Thanks to everyone involved in this feature, it's coming along nicely and helps me enjoy the web more on my CPU and RAM constrained devices =)
Comment 33 alex_mayorga 2012-10-26 08:39:23 PDT
There's no click to play UI on the main page at http://javatester.org/version.html

Is this a bug or by design?
Comment 34 David Keeler [:keeler] (use needinfo?) 2012-10-26 10:12:19 PDT
(In reply to alex_mayorga from comment #33)
> There's no click to play UI on the main page at
> http://javatester.org/version.html
> 
> Is this a bug or by design?

I've looked at that before, and if I recall correctly, the applet is considered too small to contain the UI in the overlay, so we make it (the overlay) invisible. It can still be activated by the urlbar notification icon.
Comment 35 alex_mayorga 2012-10-31 14:10:23 PDT
(In reply to David Keeler from comment #34)
> (In reply to alex_mayorga from comment #33)
> > There's no click to play UI on the main page at
> > http://javatester.org/version.html
> > 
> > Is this a bug or by design?
> 
> I've looked at that before, and if I recall correctly, the applet is
> considered too small to contain the UI in the overlay, so we make it (the
> overlay) invisible. It can still be activated by the urlbar notification
> icon.

Would it be possible to still draw the gray diagonal bars and just the text with no icon? That would give more the sense of "something is missing here and we know about it, Firefox is not failing" IMHO.
Comment 36 alex_mayorga 2012-11-01 06:29:49 PDT
Steps:
0. Install JRE 1.7.0_09 from http://www.oracle.com/technetwork/java/javase/downloads/index.html
0. Enable "click to play" plugins.click_to_play;true in about:config
1. Load http://www.java.com/en/download/installed.jsp?detect=jre
2. Click on "Click here to activate the Java Deployment Toolkit plugin."

Result:
The applet never loads.

Is this a known bug on Nightly or just poor "web making" from Oracle?
Comment 37 David Keeler [:keeler] (use needinfo?) 2012-11-01 09:23:29 PDT
(In reply to alex_mayorga from comment #36)
> Steps:
> 0. Install JRE 1.7.0_09 from
> http://www.oracle.com/technetwork/java/javase/downloads/index.html
> 0. Enable "click to play" plugins.click_to_play;true in about:config
> 1. Load http://www.java.com/en/download/installed.jsp?detect=jre
> 2. Click on "Click here to activate the Java Deployment Toolkit plugin."
> 
> Result:
> The applet never loads.
> 
> Is this a known bug on Nightly or just poor "web making" from Oracle?

Not necessarily poor coding - it works for me after a few seconds if I enable the plugin through the urlbar notification.
Comment 38 David Keeler [:keeler] (use needinfo?) 2012-11-06 09:39:58 PST
(In reply to alex_mayorga from comment #35)
> (In reply to David Keeler from comment #34)
> > (In reply to alex_mayorga from comment #33)
> > > There's no click to play UI on the main page at
> > > http://javatester.org/version.html
> > > 
> > > Is this a bug or by design?
> > 
> > I've looked at that before, and if I recall correctly, the applet is
> > considered too small to contain the UI in the overlay, so we make it (the
> > overlay) invisible. It can still be activated by the urlbar notification
> > icon.
> 
> Would it be possible to still draw the gray diagonal bars and just the text
> with no icon? That would give more the sense of "something is missing here
> and we know about it, Firefox is not failing" IMHO.

That's reasonable, but then there's still the problem of when even the text is too large for the visible plugin area. Why don't you open a new bug and anyone who's interested can discuss it there?
Comment 39 Georg Fritzsche [:gfritzsche] 2012-12-04 06:26:08 PST
*** Bug 817255 has been marked as a duplicate of this bug. ***
Comment 40 Philip Chee 2012-12-04 19:29:59 PST
*** Bug 817255 has been marked as a duplicate of this bug. ***
Comment 41 ruzanow 2012-12-12 00:19:56 PST
There's no click to play UI on dynamically created flash. Example: http://ruzanow.ru/test/test-flash.html
// I think that it has already been reported, but not right here and bug is not fixed in nightly.
Comment 42 ruzanow 2012-12-12 01:06:43 PST
(In reply to ruzanow from comment #41)
> http://ruzanow.ru/test/test-flash.html
Oops, sorry. This is another bug. Small placeholder (less than 110x110 for me) is invisible.
Comment 43 Paul Silaghi, QA [:pauly] 2012-12-12 01:19:38 PST
That's bug 810082
Comment 44 alex_mayorga 2013-01-18 19:28:48 PST
No click-to-play UI on the main page at http://getpebble.com/ just a black square.

Is this a known bug or shall I file a new one?
Comment 45 alex_mayorga 2013-02-04 07:56:05 PST
(In reply to alex_mayorga from comment #44)
> No click-to-play UI on the main page at http://getpebble.com/ just a black
> square.
> 
> Is this a known bug or shall I file a new one?

It was in fact bug 744745 and it's now fixed.

Also bsmedberg posted about this functionality and called for more testers at https://groups.google.com/forum/#!topic/mozilla.dev.apps.firefox/8CIIiXypoXY

The thread already has one very interesting feature request IMHO, namely "when Firefox crashes to turn off saved defaults and reask all the Click to play prompts for all opened tabs when Firefox reopens" by John Bird
Comment 46 alex_mayorga 2013-04-02 07:36:07 PDT
http://omg.yahoo.com/video/redford-company-laboeuf-tucci-081832327.html doesn't play along with click-to-play; a "loading" spinner is shown forever.

Is this a known bug or should I file a new one?
Comment 47 Cam 2013-05-01 15:20:16 PDT
Can I just strongly emphasize how disappointed I am in Mozilla for activating flash by default (in FF 23.0a1 Nightly) just because I have an up to date flash plugin.

After quite a long enjoyable stretch of having to click to activate flash regardless of the version installed (I've been using click to play since it was first possible in nightly) a short while ago the feature basically was taken away from me. Just because I keep flash up to date? What kind of motivation is that supposed to be? Punishment for doing the right thing?

And what's more the UI for click to play lies to you, about:config says it is enabled, and it says it will ask every time when you check in about:permissions (every site & globally).

So please somewhere, anywhere, give me a switch to force click to play in all circumstances regardless of plugin type or version. Otherwise this feature is nothing more than a slap in the face to good netizens.
Comment 48 John Schoenick [:johns] 2013-05-01 15:43:13 PDT
(In reply to Cam from comment #47)
> Can I just strongly emphasize how disappointed I am in Mozilla for
> activating flash by default (in FF 23.0a1 Nightly) just because I have an up
> to date flash plugin.
> 
> After quite a long enjoyable stretch of having to click to activate flash
> regardless of the version installed (I've been using click to play since it
> was first possible in nightly) a short while ago the feature basically was
> taken away from me. Just because I keep flash up to date? What kind of
> motivation is that supposed to be? Punishment for doing the right thing?
> 
> And what's more the UI for click to play lies to you, about:config says it
> is enabled, and it says it will ask every time when you check in
> about:permissions (every site & globally).
> 
> So please somewhere, anywhere, give me a switch to force click to play in
> all circumstances regardless of plugin type or version. Otherwise this
> feature is nothing more than a slap in the face to good netizens.

This is due to bug 549697 landing, which changes how CtP works - you can now enable it per plugin in about:addons. It was not an intentional "your flash is up to date so we're enabling it," it was merely a change to how the CtP prefs work. See also bug 866935.
Comment 49 alex_mayorga 2013-05-06 11:25:23 PDT
Found another page with a Flash video that doesn't play along with CtP over at http://gawker.com/5750211/the-full-mcbain-movie-hidden-throughout-simpsons-epsiodes

Is this a known bug or should I file a new one?
Comment 50 David Keeler [:keeler] (use needinfo?) 2013-05-06 11:31:54 PDT
(In reply to alex_mayorga from comment #49)
> Found another page with a Flash video that doesn't play along with CtP over
> at
> http://gawker.com/5750211/the-full-mcbain-movie-hidden-throughout-simpsons-
> epsiodes
> 
> Is this a known bug or should I file a new one?

Looks like that's just how the site works - if you're quick enough to open the popup notification and activate flash, it works. In the future, you can probably just list these kinds of things in bug 819972.
Comment 51 Cam 2013-08-07 08:12:37 PDT
As currently implemented in 26.0a1 there is a severe regression in click to play.

If I watch a video on a site (say youtube) and open another tab of the same site then the second tab will begin to play without my consent, wasting CPU running flash in the background and polluting the current audio with a useless background audio track that I'm not currently watching.

There should be the option to require that every plugin on every tab regardless of site or visibility needs explicit approval, otherwise click to play is completely useless and we'll have to go back to using click to flash and the like.
Comment 52 Loic 2013-08-07 08:16:44 PDT
(In reply to Cam from comment #51)
> As currently implemented in 26.0a1 there is a severe regression in click to
> play.


Please, file a new bug: https://bugzilla.mozilla.org/enter_bug.cgi?product=Core&component=Plug-ins
Comment 53 Benjamin Smedberg [:bsmedberg] 2013-08-07 10:34:10 PDT
Please do not file a new bug. This is the intended behavior, as discussed in bug 886792.
Comment 54 will69 2013-08-07 10:57:25 PDT
(In reply to Benjamin Smedberg  [:bsmedberg] PTO 8-Aug until 18-Aug, workweek high latency 19-Aug through 23-Aug from comment #53)
> Please do not file a new bug. This is the intended behavior, as discussed in
> bug 886792.

Inadvertently running more than one instance of Flash puts the fans on my portable computer into overdrive. This is detrimental to my hardware and *cannot* be the intended behaviour. Firefox+Flash is simply not usable like that. Please reconsider.
Comment 55 Kshitij Chawla 2013-08-08 05:10:23 PDT
As discussed in bug 886792, click-to-play is a security feature, intending to protect users from outdated/dangerous plugins. It is not a substitute for Flashblock etc. If a user enables a plugin on one site, then it is reasonable that they do not consider that plugin a threat on the same site in the same browsing session and so c2p allows the plugin to run. For more control over flash player etc, the add-ons route is recommended.
Comment 56 Cam 2013-08-08 07:24:12 PDT
As discussed here, that reasoning is absolutely wrong, and is in fact an anti-pattern of UX. Security should not be optional, and certainly shouldn't require installing addons that you are not informed of before you are allowed to use the browser. Moreover security should not be half-implemented because a false sense of security is worse than none.

Do you honestly think there is one person out there who sees the c2p placeholder and thinks "well that obviously enables the plugin in all cases for this entire domain"?
Comment 57 will69 2013-08-18 17:21:26 PDT
(In reply to Kshitij Chawla from comment #55)
> ... If a user enables a plugin on one site, then it is
> reasonable that they do not consider that plugin a threat on the same site
> in the same browsing session and so c2p allows the plugin to run.

Trusting a site does not imply that I also trust content served via ad delivery networks that serve content that the site owner has no control over. Those have been used to spread malware on trusted sites before.

Could you please clarify what model of trust you intend to implement? Does trusting a site mean trusting the address in the location bar only, or does trusting a site mean trusting all sites referenced from that site? The latter implementation is not what we are used to, because the Internet Explorer zone model is not transitive in that way: Trusting a site means trusting a single DNS domain. This is what (enterprise) users have been trained to expect for years now.

> For more control over flash player etc, the add-ons route is recommended.

That would be OK if Mozilla endorses and audits an add-on like click-to-play-per-element, and add-ons get a chance to be as secure as Firefox itself. I did not feel that Flashblock was on par with the original CTP implementation.
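
The precedence requested in comment 14 and the trust-model question raised in comment 57, sketched as an added example that is not part of this bug thread and is not Firefox code. The function names, policy fields, plugin labels and example domains are all assumptions made for illustration.

```javascript
// Added illustration: a hypothetical policy model, not Firefox's implementation.
// Every name here (decide, hostMatches, the policy fields) is invented.

// True when `host` is `domain` itself or one of its subdomains.
function hostMatches(host, domain) {
  const h = host.toLowerCase();
  const d = domain.toLowerCase();
  return h === d || h.endsWith("." + d);
}

// req: { plugin, pageUrl, contentUrl }
//   pageUrl    = what the location bar shows
//   contentUrl = where the plugin content is served from
function decide(policy, req) {
  const pageHost = new URL(req.pageUrl).hostname;
  const contentHost = new URL(req.contentUrl).hostname;

  // 1. Per-plugin block entries override every allowlist (comment 14).
  //    Checked against both hosts, so a match on either keeps the plugin inactive.
  for (const entry of policy.blocked) {
    if (entry.plugin === req.plugin &&
        (hostMatches(pageHost, entry.domain) ||
         hostMatches(contentHost, entry.domain))) {
      return { action: "click-to-play", rule: "blocked" };
    }
  }

  // 2. Plugins the user marked as always active, whatever the page.
  if (policy.alwaysActive.includes(req.plugin)) {
    return { action: "activate", rule: "plugin-allowlist" };
  }

  // 3. Site allowlist. The trust model decides which host is compared:
  //    "transitive": the location-bar host, so embedded third-party
  //                  content inherits the page's trust;
  //    "per-domain": the host that serves the plugin content itself.
  const subject = policy.trustModel === "transitive" ? pageHost : contentHost;
  if (policy.allowedSites.some((d) => hostMatches(subject, d))) {
    return { action: "activate", rule: "site-allowlist" };
  }

  // 4. Default: show the placeholder until the user activates the plugin.
  return { action: "click-to-play", rule: "default" };
}

// Constructed sample data (reserved example domains, not taken from the thread).
const basePolicy = {
  alwaysActive: ["java"],
  allowedSites: ["news.example"],
  blocked: [{ domain: "bank.example", plugin: "java" }],
};
const transitive = { ...basePolicy, trustModel: "transitive" };
const perDomain = { ...basePolicy, trustModel: "per-domain" };

// Flash served by an ad network, embedded in a page on an allowlisted site.
const adOnTrustedPage = {
  plugin: "flash",
  pageUrl: "https://news.example/story",
  contentUrl: "https://cdn.adnet.example/banner.swf",
};
// Flash served by the allowlisted site's own subdomain.
const ownVideo = {
  plugin: "flash",
  pageUrl: "https://news.example/story",
  contentUrl: "https://video.news.example/player.swf",
};
// An always-active plugin on a site where the user blocked that plugin.
const javaOnBlockedSite = {
  plugin: "java",
  pageUrl: "https://www.bank.example/login",
  contentUrl: "https://www.bank.example/applet.jar",
};

function demo() {
  return {
    adTransitive: decide(transitive, adOnTrustedPage),
    adPerDomain: decide(perDomain, adOnTrustedPage),
    ownVideoPerDomain: decide(perDomain, ownVideo),
    javaBlocked: decide(perDomain, javaOnBlockedSite),
  };
}

console.log(demo());
```

Under the transitive model the ad network's Flash content activates because the page is allowlisted; under the per-domain model it stays behind the placeholder while the site's own video still activates.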
Comment 58 Carlo 'Carcarlo' Carmagnini 2013-10-01 04:47:23 PDT
As others have pointed out, I think the most useful behaviour for people running on devices with low hardware resources is enabling a single instance of a plug-in. There could be an option to enable all for that domain, as it is now, or a single process. With some notebooks it is very useful to enable just one running Flash or Silverlight video at once, enabling all for that domain often means having the CPU running at 100%. Implementing the double option (enable all for domain, enable just one) should cover all the preferences and solve the problem. For example, I find enabling a plug-in for all the domain not the behaviour I need on most of the sites.
Comment 59 Benjamin Smedberg [:bsmedberg] 2016-04-14 10:58:44 PDT
This bug is no longer being used for direct tracking: closing.
