Google has announced that Chrome will gradually phase out support for the Netscape Plug-in API, NPAPI. In its place it will offer its own native code interface for any extensions that are required. Of course, these will only work with Chrome.
NPAPI is a cross browser standard for plugins. It is currently supported by all of the well-known browsers with the exception of IE. In its day NPAPI was the way to add functionality that went well beyond the basic browser - providing support for Flash, Silverlight, Java, Quicktime and lots of others.
As of January 2014 Chrome will start to block NPAPI plug-ins by default. For an interim period users will be able to whitelist plug-ins that they depend upon, but by some time towards the end of the year all plug-in support will be removed.
The Chrome web store will also phase out NPAPI support and no new apps that make use of NPAPI will be accepted. Updates to existing apps will will be allowed until May 2014, after which the apps will be removed. Any existing installations will continue to work with Chrome until NPAPI support is removed from the Chrome browser.
So what impact will all of this have?
Not a great deal according to Google after it collected some data on plug-in use. It discovered that of the plug-ins that are not already blocked for security reasons:
- Silverlight was launched by 15% of Chrome users last month
- Unity - 9.1%
- Google Earth - 9.1%
- Google Talk - 8.7%
- Facebook Video - 6.0%
Java which is blocked for security reasons was unblocked and launched by 8.9% of users.
One NPAPI support is switched off these simply won't work.
One thought is that this is a extra nail in Silverlight's coffin, hammered in by Google and probably to the pleasure of Microsoft. Expect Microsoft to cite the lack of browser support when it finally gets up the courage to announce that it is an ex-product.
From Chrome's point of view the two important plug-ins which are not in the above list are Flash and PDF viewer. The reason that these are not listed is that they have been modified not to use NPAPI. They both make use of PPAPI, which is Google's own way of building plug-ins. Based on NaCl which is Google's system for allowing native apps to work with Chrome. PPAPI is sandboxed and in theory more secure.
Security is the superficial reason for getting rid of NPAPI, and this is a reasonable concern, but to replace it by something that is currently as non-standard as PPAPI and/or NaCl pushes Chrome out into a different browser division. There will be websites that you won't be able to browse using the non-NPAPI supporting Chrome.
Mozilla is also trying to move away from NPAPI but it is giving users the opportunity to run the plug-in - so called Click to Play. Google cites this as reason enough, plus the fact that it isn't supported on mobile browsers, to drop NPAPI completely and offer developers a non-standard solution.
NPAPI needed a replacement, but rubbing NaCl into it isn't the way to do it.