Intent to Ship: Deprecate and remove Theora support.

[Dale Curtis]

Contact emails

dalec...@chromium.org

Explainer

None

Specification

https://en.wikipedia.org/wiki/Theora

Summary

Chrome will deprecate and remove support for the Theora video codec in desktop Chrome due to emerging security risks. Theora's low (and now often incorrect) usage no longer justifies support for most users. Notes: - Zero day attacks against media codecs have spiked. - Usage has fallen below measurable levels in UKM. - The sites we manually inspected before levels dropped off were incorrectly preferring Theora over more modern codecs like VP9. - It's never been supported by Safari or Chrome on Android. - An ogv.js polyfill exists for the sites that still need Theora support. - We are not removing support for ogg containers. Our plan is to begin escalating experiments turning down Theora support in M120. During this time users can reactivate Theora support via chrome://flags/#theora-video-codec if needed. The tentative timeline for this is (assuming everything goes smoothly): - ~Oct 23, 2023: begin 50/50 canary dev experiments. - ~Nov 1-6, 2023: begin 50/50 beta experiments. - ~Dec 6, 2023: begin 1% stable experiments. - ~Jan 8, 2024: begin 50% stable experiments. - ~Jan 16th, 2024: launch at 100%. - ~Feb 2024: remove code and chrome://flag in M123. - ~Mar 2024: Chrome 123 will roll to stable.

Blink component

Internals>Media>Codecs

Search tags

theora, vp3, video

TAG review

None

TAG review status

Not applicable

Risks

Interoperability and Compatibility

Sites which only provide a Theora video source will no longer have video playback. These sites would already be broken in Chrome for Android or Safari.

Gecko: Under consideration Private discussions. I asked if they'd like an RFP for this, but haven't yet heard back.

WebKit: Shipped/Shipping (https://caniuse.com/ogv) Safari never shipped support for Theora.

Web developers: Mixed signals Most developers are not likely to have an opinion, some may lament the loss of one of the first open codecs on the web.

Other signals:

Security

Security positive change -- removes support for a complicated binary parsing and decoding mechanism.

WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?

None, never supported on Android or WebView.

Debuggability

Can be debugged through media dev tools or chrome://media-internals.

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

Yes

Not currently supported on Chrome for Android.

Is this feature fully tested by web-platform-tests?

Yes

As part of pre-work, I've switched all tests using Theora (of which there were hundreds) over to using VP8/VP9 where appropriate.

Flag name on chrome://flags

TheoraVideoCodec

Finch feature name

TheoraVideoCodec

Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1489034

Estimated milestones

DevTrial on desktop

120

Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).

None

Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5158654475239424

This intent message was generated by Chrome Platform Status.

[Dale Curtis]

Hmm, not sure why the description got reflowed, here's the formatted version:

Chrome will deprecate and remove support for the Theora video codec in desktop Chrome due to emerging security risks. Theora's low (and now often incorrect) usage no longer justifies support for most users.

Notes:
- Zero day attacks against media codecs have spiked.
- Usage has fallen below measurable levels in UKM.
- The sites we manually inspected before levels dropped off were incorrectly preferring Theora over more modern codecs like VP9.
- It's never been supported by Safari or Chrome on Android.
- An ogv.js polyfill exists for the sites that still need Theora support.
- We are not removing support for ogg containers.

Our plan is to begin escalating experiments turning down Theora support in M120. During this time users can reactivate Theora support via chrome://flags/#theora-video-codec if needed.

The tentative timeline for this is (assuming everything goes smoothly):
- ~Oct 23, 2023: begin 50/50 canary dev experiments.
- ~Nov 1-6, 2023: begin 50/50 beta experiments.
- ~Dec 6, 2023: begin 1% stable experiments.
- ~Jan 8, 2024: begin 50% stable experiments.
- ~Jan 16th, 2024: launch at 100%.
- ~Feb 2024: remove code and chrome://flag in M123.
- ~Mar 2024: Chrome 123 will roll to stable.

- dale

[Dale Curtis]

This is now tracked by:

https://bugzilla.mozilla.org/show_bug.cgi?id=1860492

[Mike Taylor]

On 10/23/23 11:54 AM, Dale Curtis wrote:

Hmm, not sure why the description got reflowed, here's the formatted version:

Chrome will deprecate and remove support for the Theora video codec in desktop Chrome due to emerging security risks. Theora's low (and now often incorrect) usage no longer justifies support for most users.

Notes:
- Zero day attacks against media codecs have spiked.
- Usage has fallen below measurable levels in UKM.
- The sites we manually inspected before levels dropped off were incorrectly preferring Theora over more modern codecs like VP9.

Meaning, once Theora support is gone, video playback continues to work for all sites you inspected because media source selection found something else playable?

- It's never been supported by Safari or Chrome on Android.
- An ogv.js polyfill exists for the sites that still need Theora support.
- We are not removing support for ogg containers.

Our plan is to begin escalating experiments turning down Theora support in M120. During this time users can reactivate Theora support via chrome://flags/#theora-video-codec if needed.

The tentative timeline for this is (assuming everything goes smoothly):
- ~Oct 23, 2023: begin 50/50 canary dev experiments.
- ~Nov 1-6, 2023: begin 50/50 beta experiments.
- ~Dec 6, 2023: begin 1% stable experiments.

Even though UKM appears to be exceedingly low, if you're not 100% confident this will be a no-op, you might consider beginning the stable experiment after the new year (and many production freezes).

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPUDrweFkY_XTZGDJafQ9RpT7V84WSBsoNMe5XcG6z_XN8XG2g%40mail.gmail.com.

[Dale Curtis]

On Mon, Oct 23, 2023 at 10:02 AM Mike Taylor <mike...@chromium.org> wrote:

On 10/23/23 11:54 AM, Dale Curtis wrote:

Hmm, not sure why the description got reflowed, here's the formatted version:

Chrome will deprecate and remove support for the Theora video codec in desktop Chrome due to emerging security risks. Theora's low (and now often incorrect) usage no longer justifies support for most users.

Notes:
- Zero day attacks against media codecs have spiked.
- Usage has fallen below measurable levels in UKM.
- The sites we manually inspected before levels dropped off were incorrectly preferring Theora over more modern codecs like VP9.

Meaning, once Theora support is gone, video playback continues to work for all sites you inspected because media source selection found something else playable?

Correct, if Theora support was missing users would have a higher quality experience due to a more modern codec being selected.

 

- It's never been supported by Safari or Chrome on Android.
- An ogv.js polyfill exists for the sites that still need Theora support.
- We are not removing support for ogg containers.

Our plan is to begin escalating experiments turning down Theora support in M120. During this time users can reactivate Theora support via chrome://flags/#theora-video-codec if needed.

The tentative timeline for this is (assuming everything goes smoothly):
- ~Oct 23, 2023: begin 50/50 canary dev experiments.
- ~Nov 1-6, 2023: begin 50/50 beta experiments.
- ~Dec 6, 2023: begin 1% stable experiments.

Even though UKM appears to be exceedingly low, if you're not 100% confident this will be a no-op, you might consider beginning the stable experiment after the new year (and many production freezes).

I did consider this and ran this plan by Finch team ahead of time, however given the low usage, long dev/beta experiments, that these sites would already be broken on Android/Safari, and that we'd still have time to turn down the 1% stable experiment before Finch freeze, leaving at 1% until after holiday freezes should be safe.

[Yuhong Bao]

I am asking the WMF to add MP4:

https://phabricator.wikimedia.org/T329258

[Mike Taylor]

On 10/23/23 1:13 PM, Dale Curtis wrote:

On Mon, Oct 23, 2023 at 10:02 AM Mike Taylor <mike...@chromium.org> wrote:

On 10/23/23 11:54 AM, Dale Curtis wrote:

Hmm, not sure why the description got reflowed, here's the formatted version:

Chrome will deprecate and remove support for the Theora video codec in desktop Chrome due to emerging security risks. Theora's low (and now often incorrect) usage no longer justifies support for most users.

Notes:
- Zero day attacks against media codecs have spiked.
- Usage has fallen below measurable levels in UKM.
- The sites we manually inspected before levels dropped off were incorrectly preferring Theora over more modern codecs like VP9.

Meaning, once Theora support is gone, video playback continues to work for all sites you inspected because media source selection found something else playable?

Correct, if Theora support was missing users would have a higher quality experience due to a more modern codec being selected.

 

- It's never been supported by Safari or Chrome on Android.
- An ogv.js polyfill exists for the sites that still need Theora support.
- We are not removing support for ogg containers.

Our plan is to begin escalating experiments turning down Theora support in M120. During this time users can reactivate Theora support via chrome://flags/#theora-video-codec if needed.

The tentative timeline for this is (assuming everything goes smoothly):
- ~Oct 23, 2023: begin 50/50 canary dev experiments.
- ~Nov 1-6, 2023: begin 50/50 beta experiments.
- ~Dec 6, 2023: begin 1% stable experiments.

Even though UKM appears to be exceedingly low, if you're not 100% confident this will be a no-op, you might consider beginning the stable experiment after the new year (and many production freezes).

I did consider this and ran this plan by Finch team ahead of time, however given the low usage, long dev/beta experiments, that these sites would already be broken on Android/Safari, and that we'd still have time to turn down the 1% stable experiment before Finch freeze, leaving at 1% until after holiday freezes should be safe.

OK, that sounds reasonable. Can you also request the rest of the review bits in the chromestatus entry?

[Dale Curtis]

Done, thanks I thought that was automatic these days.

 

[Mike Taylor]

LGTM1 to deprecate and remove. RIP Theora, we hardly knew ye.

[Dale Curtis]

WMF has long switched away from Theora (to VP9) per prior discussions with them and seconded by this comment: 

https://phabricator.wikimedia.org/T329258#9275042

Switching to H264+MP4 is not necessary to avoid this deprecation. VP9+MP4, VP9/VP8+WEBM, or even VP8+OGG are all more viable open codec options.

- dale

[Yoav Weiss]

LGTM2

--

You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.

To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPUDrwcHS-cEzLXpJ6HTkQC-GU9eRhsjXg3wNBfLZX%3DTcF-Tiw%40mail.gmail.com.

[Philip Jägenstedt]

LGTM3 with sentimental feelings.

Back in 2010 (https://dev.opera.com/blog/re-introducing-video/) I was cheering for Theora and shipped support in Presto. We now have other open and RF video codecs which have been deployed on a much larger scale, and I'd like to think that Theora and the Xiph folks helped make the case for why we needed those codecs. Thank you Theora!

To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfVbvm%2BgrXCRsHY-R-AocRZ%3DjDJ%3DrB5-3bG9x%2BA8NaLxMw%40mail.gmail.com.

[Dale Curtis]

On Wed, Oct 25, 2023 at 2:32 AM Philip Jägenstedt <foo...@chromium.org> wrote:

LGTM3 with sentimental feelings.

Back in 2010 (https://dev.opera.com/blog/re-introducing-video/) I was cheering for Theora and shipped support in Presto. We now have other open and RF video codecs which have been deployed on a much larger scale, and I'd like to think that Theora and the Xiph folks helped make the case for why we needed those codecs. Thank you Theora!

+1, Theora definitely helped light the path to where we are today with https://aomedia.org/. Thanks to all the early folks involved who got us here.