Enable click-to-play for Flash & Java in Chrome, Firefox & Safari

Mattias Geniar, Monday, July 13, 2015 - last modified: Tuesday, November 10, 2015

The last few days at least 4 major vulnerabilities for Flash were revealed, as part of the leaked files from the Hacking Team compromise.

If you hadn't done it before, now would be a great time to configure Chrome to not automatically play flash, but require a click-to-play action. The alternative would be to completely uninstall Flash, but that may not always be desirable if you consume content that still requires Flash.

Enabling the click-to-play is easily configured.

Click-to-play in Chrome

First, go to the settings page, either via the menu in the upper right or by typing chrome://settings in the address bar.

Search for plugins in the search field and click on Content Settings.

chrome_settings_plugin

Once in Content Settings, scroll down until you reach the Plugins section and chose the third option, Let me choose when to run plugin content.

chrome_settings_flash_click_to_play

Now whenever you reach flash content, you will be required to activate the plugin first by ctrl+click on the plugin area.

chrome_flash_blocked

Alternatively, you can enable plugin content again by clicking the little icon in the right-hand side of the address bar.

chrome_content_blocked

Click-to-play in Safari

Thanks to Chris for the explanation, here's how to do it in Safari.

For safari open Preferences and on the Security Tab open "Website Settings" next to "Internet Plugins". They set the option "When visiting other website" to "Ask".

safari_click_to_play

Click-to-play in Firefox

Thanks to Jan for this heads-up. Here's how to activate the "click to play" in Firefox.

In Firefox, go to Tools and Add-ons, then navigate to Plugins in the left-hand menu.

Go to the Flash plugin and change the dropdown on the right to "Ask to activate".

click_to_activate_flash_firefox

If you hadn't done so already, these recent security exploits for Flash should motivate you to enable click-to-play for browser plugins as soon as possible.



Hi! My name is Mattias Geniar. I'm a Support Manager at Nucleus Hosting in Belgium, a general web geek & public speaker. Currently working on DNS Spy & Oh Dear!. Follow me on Twitter as @mattiasgeniar.

Share this post

Did you like this post? Will you help me share it on social media? Thanks!

Comments

Chris Ramakers Monday, July 13, 2015 at 10:13 - Reply

For safari open Preferences and on the Security Tab open “Website Settings” next to “Internet Plugins”. They set the option “When visiting other website” to “Ask”

https://www.evernote.com/shard/s10/sh/a769a7a7-4ebf-469f-ba66-806d2e329901/0aa6ae8695a1cbc7/res/f83b5880-7671-46c2-9e43-52d36fffaa26/skitch.png


Leave a Reply

Your email address will not be published. Required fields are marked *