Why is Java plug in being deprecated

Question

As per the Java 9 specifications, Java plug in is being deprecated. A well known reason behind this is the removal of plug in support entirely by the popular web browsers.

Is there any other reason why this step is being taken? I had read in one of the articles (from unreliable source) that the plug in mechanism lead to security risks. Is that true? If yes how?

Also, why did each of the popular browsers took decision on removing support for the plug in?

@litelite: Thanks for the quick response. That partly answers my query. However, I'm unable to understand how is security compromised by the plug-ins. — Curious Coder, Jul 19 '17 at 13:58
@litelite Can you transform that to an answer? It likely answers OPs questions, as he already mentioned. — Zabuzard, Jul 19 '17 at 14:11
@litelite: The concept is clear to me now. Thanks for the explanation. :) — Curious Coder, Jul 20 '17 at 07:09

litelite · Answer 1 · 2017-07-19T14:19:13.690

The browsers removed it for the same reasons they removed flash. It relied on a third party plugin that was filled with security holes that they could not patch themselves. And they have that new shinny technology (HTML5 and all the goodies that came with it) that meant they did not need to tolerate it anymore because all the things the plugin made possible are now available without. And now that no one is really using it, it's not worth maintaining.

And the reason for all the security holes is because the plugin had a lot of bugs that could be exploited by an attacker to gain access to the client's machine.

Why is Java plug in being deprecated

1 Answers1