A few days ago, a major update to Adobe’s Flash Player (specifically Flash Player 9 Update 3) was let loose. This was a major update for Flash. It includes enhanced video support (H.264) as well as multi-core processor support for better performance. If you visit Adobe.com as of this posting, you’ll see that Flash video is a major part of Adobe’s Flash story…and rightly so. Flash is an excellent video delivery platform.
But Flash is a lot more than that. It’s evolved into a full-blown software platform. It does a lot of different things these days. Along with its leadership position in delivering Internet video, countless games have been built on Flash. It’s also the medium of choice for ultra-glossy promotional destinations for big budget movies and high profile games. On top of all that, along with Flex, Adobe’s excellent RIA platform, it’s a cross-platform for delivering business applications. That’s a lot of hats to wear, and for the most part Flash wears them well…for the most part.
At Arc90, we invested early in the Flex strategy. Not long after Flex 2 was released, we had applications running in production on the platform. There were a few kinks here and there – many expected with a young software platform – but overall it’s been the right decision for ourselves and our clients.
With the update to Flash last week, all hell broke loose. Through an obscure, poorly-documented change to how Flash handles Basic HTTP Authentication (in short, it hardly did before, and now it doesn’t at all), every one of our Flex-based software applications broke. The modification is not a bug. It’s a security fix as far as Adobe’s concerned.
A few things went wrong here:
- We didn’t know what changed. This update was all about video. There were other changes and fixes in place, but you really have to dig to find out what’s changed. As for this particular change, you had to do some serious investigating to find out about it. If we’re going to ask our clients to rely on Flash as the “OS” to run the business software we build for them, we need a better way of finding out early how their applications may be impacted.
- The Mysterious Propagation Of Flash. We’ve got a few thousand users that regularly use one of our Flash applications. When we found out about the problem, we had no idea if or when it would start impacting our users. There isn’t a single resource that we could find that clearly outlines how the operating system we’re relying on – Flash – updates itself to our user base.
- Adobe Decides On The Update, Not Us. On a related point, we can’t stop the update from happening. There are countless organizations out there that are still running Windows 2000. How can we expect them to tolerate a software platform that updates itself depending on whether a user visits Youtube?
- Adobe’s Flash/Flex HTTP Support Is Lousy. There’s no other way to put it. At Arc90, we believe in leveraging agreed-upon standard protocols. While SOAP and AMF support are baked into the the Flex framework, HTTP service support is half-hearted at best.
In all fairness, Adobe has been very responsive on this issue. Emmy Huang, product manager for Flash player, got back to us very quickly and conceded they could’ve done a better job at informing the development community of this change. Also, it’s worth noting that we appear to be in the neglected minority in terms of utilizing truly RESTful protocols to talk to Flash applications. Still, if you’re going to support HTTP services, why not properly do so?
At Arc90, we are big believers in Adobe’s strategy around Rich Internet Applications. The sheer power of the Flash runtime, the elegance of the Actionscript 3 object model and the exciting possibilities of bringing all these great applications to the desktop via AIR are all key reasons why we are steering our energy in Adobe’s direction.
Still, we need the right backing to continue to confidently evangelize Adobe’s platforms to our clients. We quickly patched our current applications to work around the change. Still, we can’t help but feel hesitant about what comes next.
I’ll end this post with a quote from one of our key clients in response to this whole episode: “How do I know this isn’t going to happen again?”