BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Chrome 54 Kills YouTube Flash Embeds

Chrome 54 Kills YouTube Flash Embeds

Google has launched Chrome 54. The latest release further side-lines Flash in the browser by using HTML5 for YouTube embed, and includes a number of fixes and improvements.

The move away from Flash has been a work in progress for Google for some time, with various updates making HTML5 the primary experience for users and developers. 

YouTube itself switched to using HTML5 by default in January 2015, and last year Google changed how Chromium hints to websites about the presence of Flash.

From Chrome 45, the browser detected if Flash content was present in a web page, before running only the most important content, and pausing all other Flash content.

Chrome's 54 stable release rewrites YouTube Flash embeds, so that when a Flash embed for YouTube is detected, the browser will automatically use HTML5 instead. Google said that the change had been made "to reduce the overall usage" of Flash in Chrome.

Also of note in Chrome 54 is the new Custom Elements v1 spec.

In the blog post Custom Elements v1: Reusable Web Components, Google engineer Eric Bidelman said with custom elements "web developers can create new HTML tags, beef-up existing HTML tags, or extend the components other developers have authored," and that while the concepts from v0 are the same, the v1 spec has important API differences.

Regarding defining an element's JavaScript API in v1, Bidelman says:

The functionality of a custom element is defined using an ES2015 class which extends HTMLElement. Extending HTMLElement ensures the custom element inherits the entire DOM API, and means any properties/methods that you add to the class become part of the element's DOM interface. Essentially, use the class to create a public JavaScript API for your tag.

Bidelman gives the following example of defining the DOM interface of AppDrawer, where properties are reflected as HTML attributes:

class AppDrawer extends HTMLElement {

  // A getter/setter for an open property.
  get open() {
    return this.hasAttribute('open');
  }

  set open(val) {
    // Reflect the value of the open property as an HTML attribute.
    if (val) {
      this.setAttribute('open', '');
    } else {
      this.removeAttribute('open');
    }
    this.toggleDrawer();
  }

  // A getter/setter for a disabled property.
  get disabled() {
    return this.hasAttribute('disabled');
  }

  set disabled(val) {
    // Reflect the value of the disabled property as an HTML attribute.
    if (val) {
      this.setAttribute('disabled', '');
    } else {
      this.removeAttribute('disabled');
    }
  }

  // Can define constructor arguments if you wish.
  constructor() {
    // If you define a ctor, always call super() first!
    // This is specific to CE and required by the spec.
    super();

    // Setup a click listener on <app-drawer> itself.
    this.addEventListener('click', e => {
      // Don't toggle the drawer if it's disabled.
      if (this.disabled) {
        return;
      }
      this.toggleDrawer();
    });
  }

  toggleDrawer() {
    ...
  }
}

customElements.define('app-drawer', AppDrawer);

In the same blog post ​Bidelman provides more information on CustomElements, including extending custom elements and custom element reactions. 

The 54 release also includes many security fixes. Although Google restricts detailed information about the issues, Richard Bustamante's stable channel update lists 21 security fixes in total, including six ranked "High." Among these is a URL spoofing vulnerability, as well as a Universal XSS (CVE-2016-5181) and Heap overflow (CVE-2016-5182) affecting Google's browser engine Blink.

Also fixed are three high-severity issues all relating to PDFium, Google's PDF software library.

According to Google's API Deprecations and Removals in Chrome 54, the latest release disallows cross-origin navigations in window.onunload event handlers, bringing Chrome inline with the HTML spec. Also deprecated is HTTP/0.9 (developers should move to HTTP/2), and initTouchEvent has been removed altogether.

Chrome 55 is expected to be available from November.

Rate this Article

Adoption
Style

BT