Google will join Mozilla in removing support for Netscape Plug-In API (NPAPI)-based browser plug-ins, which it blames for "hangs, crashes, security incidents and code complexity".
The web giant's security engineer and plug-in retirement planner, Justin Schuh, said in a blog post that it would begin blocking NPAPI-based plug-ins in Chrome from January next year.
NPAPI is a cross-browser application programming interface for plug-ins.
Google said the top five NPAPI-based plug-ins by usage will be whitelisted with support for them gradually phased out over time. These include Microsoft Silverlight, Unity, Google Earth, Google Talk and Facebook Video.
Other NPAPI-based plug-ins are used by less than five percent of the Chrome user base, Google estimates.
"Eventually, NPAPI support will be completely removed from Chrome," Schuh said.
"We expect this to happen before the end of 2014, but the exact timing will depend on usage and user feedback."
Google already blocks Java plug-ins, which use NPAPI, by default for security reasons.
The firm has been moving away from NPAPI for some time. Last year, it ported Adobe Flash "from the ageing NPAPI architecture to our sandboxed PPAPI [Pepper Plug-In API] platform".
The complex port provided security benefits for Windows users of the Chrome browser, and cut 'Flash crashes" by about 20 percent.
Google already warns developers of Chrome extensions to only use NPAPI as a last resort, particularly due to the security risks it introduces.
"NPAPI is a really big hammer that should only be used when no other approach will work," it said.
From today, developers won't have a choice in the matter.
"No new Apps or Extensions containing NPAPI-based plug-ins will be allowed in the [Chrome] Web Store," Schuh said.
"Developers will be able to update their existing NPAPI-based Apps and Extensions until May 2014, when they will be removed from the Web Store home page, search results, and category pages.
"In September 2014, all existing NPAPI-based Apps and Extensions will be unpublished. Existing installations will continue to work until Chrome fully removes support for NPAPI."
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_page-0001.jpg&w=100&c=1&s=0)
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
