BT

Your opinion matters! Please fill in the InfoQ Survey!

Chrome 54 Kills YouTube Flash Embeds

| by James Chesters Follow 1 Followers on Oct 17, 2016. Estimated reading time: 2 minutes |

Google has launched Chrome 54. The latest release further side-lines Flash in the browser by using HTML5 for YouTube embed, and includes a number of fixes and improvements.

The move away from Flash has been a work in progress for Google for some time, with various updates making HTML5 the primary experience for users and developers. 

YouTube itself switched to using HTML5 by default in January 2015, and last year Google changed how Chromium hints to websites about the presence of Flash.

From Chrome 45, the browser detected if Flash content was present in a web page, before running only the most important content, and pausing all other Flash content.

Chrome's 54 stable release rewrites YouTube Flash embeds, so that when a Flash embed for YouTube is detected, the browser will automatically use HTML5 instead. Google said that the change had been made "to reduce the overall usage" of Flash in Chrome.

Also of note in Chrome 54 is the new Custom Elements v1 spec.

In the blog post Custom Elements v1: Reusable Web Components, Google engineer Eric Bidelman said with custom elements "web developers can create new HTML tags, beef-up existing HTML tags, or extend the components other developers have authored," and that while the concepts from v0 are the same, the v1 spec has important API differences.

Regarding defining an element's JavaScript API in v1, Bidelman says:

The functionality of a custom element is defined using an ES2015 class which extends HTMLElement. Extending HTMLElement ensures the custom element inherits the entire DOM API, and means any properties/methods that you add to the class become part of the element's DOM interface. Essentially, use the class to create a public JavaScript API for your tag.

Bidelman gives the following example of defining the DOM interface of AppDrawer, where properties are reflected as HTML attributes:

class AppDrawer extends HTMLElement {

  // A getter/setter for an open property.
  get open() {
    return this.hasAttribute('open');
  }

  set open(val) {
    // Reflect the value of the open property as an HTML attribute.
    if (val) {
      this.setAttribute('open', '');
    } else {
      this.removeAttribute('open');
    }
    this.toggleDrawer();
  }

  // A getter/setter for a disabled property.
  get disabled() {
    return this.hasAttribute('disabled');
  }

  set disabled(val) {
    // Reflect the value of the disabled property as an HTML attribute.
    if (val) {
      this.setAttribute('disabled', '');
    } else {
      this.removeAttribute('disabled');
    }
  }

  // Can define constructor arguments if you wish.
  constructor() {
    // If you define a ctor, always call super() first!
    // This is specific to CE and required by the spec.
    super();

    // Setup a click listener on <app-drawer> itself.
    this.addEventListener('click', e => {
      // Don't toggle the drawer if it's disabled.
      if (this.disabled) {
        return;
      }
      this.toggleDrawer();
    });
  }

  toggleDrawer() {
    ...
  }
}

customElements.define('app-drawer', AppDrawer);

In the same blog post ​Bidelman provides more information on CustomElements, including extending custom elements and custom element reactions. 

The 54 release also includes many security fixes. Although Google restricts detailed information about the issues, Richard Bustamante's stable channel update lists 21 security fixes in total, including six ranked "High." Among these is a URL spoofing vulnerability, as well as a Universal XSS (CVE-2016-5181) and Heap overflow (CVE-2016-5182) affecting Google's browser engine Blink.

Also fixed are three high-severity issues all relating to PDFium, Google's PDF software library.

According to Google's API Deprecations and Removals in Chrome 54, the latest release disallows cross-origin navigations in window.onunload event handlers, bringing Chrome inline with the HTML spec. Also deprecated is HTTP/0.9 (developers should move to HTTP/2), and initTouchEvent has been removed altogether.

Chrome 55 is expected to be available from November.

Rate this Article

Adoption Stage
Style

Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Discuss

Login to InfoQ to interact with what matters most to you.


Recover your password...

Follow

Follow your favorite topics and editors

Quick overview of most important highlights in the industry and on the site.

Like

More signal, less noise

Build your own feed by choosing topics you want to read about and editors you want to hear from.

Notifications

Stay up-to-date

Set up your notifications and don't miss out on content that matters to you

BT