Update: It looks like Flash has been updated to 18.104.22.168, so this workaround shouldn’t be needed. Save it for a rainy day (or the next time Firefox blocklists Flash.)
This big news today is that Mozilla blocked version 22.214.171.124 of Flash because of security vulnerabilities. At the time they blocked it, it was the latest version of Flash available. While this might be great for users, there are enterprises that have mission critical apps that require Flash.
Although you can use the various notifications in Firefox to re-enable Flash (it’s what Firefox calls a soft block), you might wonder how you can make sure Flash is enabled for the specific domains you need it on regardless of the status of Flash security. You can do that using the Firefox permissions manager.
The easiest way to do this is using the CCK2. When you enable all plugins for a domain on the permissions page, it makes sure that Flash and Java work on that domain even if they are vulnerable.
If you are using AutoConfig, you can add this code to your config file:
Components.utils.import("resource://gre/modules/Services.jsm"); Components.utils.import("resource://gre/modules/NetUtil.jsm"); Services.perms.add(NetUtil.newURI("http://some.domain"), "plugine:flash", 1); Services.perms.add(NetUtil.newURI("http://some.domain"), "plugin-vulnerable:flash", 1);
This will make sure that flash always works on the given domain. If you want to do this inside of your browser, you can check out the Scratchpad.
Note that for security reasons, you shouldn’t enable the vulnerable versions of Flash and Java for any domain that you don’t have control over.