Google wants to get rid of browser plug-ins, but they’re bundling quite a few with Chrome itself. On a clean install, you’ll see at least five different browser plug-ins, from the Widevine Content Decryption Module to Native Client.
These plug-ins all use Chrome’s PPAPI (Pepper API) plug-in architecture, which is more modern and sandboxed. The old NPAPI plug-in architecture, still used in Firefox, is being ripped out of Chrome by September 2015.
Widevine Content Decryption Module
Despite the name — this plug-in sounds like something installed by a third-party program — this is bundled along with Chrome. It allows Chrome to play back DRM-protected HTML5 video and audio. For example, you need this to watch Netflix’s HTML5 videos in Chrome. If you disable it and try to watch Netflix, you’ll see an error message saying there’s a problem with the Widevine component.
This is a result of the way HTML5’s “encrypted media extensions” (EME) work. They allow a web page to require a small plug-in that handles the DRM. This is controversial — which is why Mozilla Firefox resisted implementing it for so long. But, in a practical sense, it’s certainly better to have a small plug-in handle the DRM while the browser handles the rest. The alternative is a plug-in like Adobe Flash or Microsoft Silverlight, where a large plug-in handles everything, from DRM to playback.
This plug-in is only activated when you access a DRM-protected media stream that requires it — like Netflix, for example. You’re free to disable it if you like, but your browser wouldn’t be able to access such media files.
Native Client is a Google-created technology that allows developers to take C or C++ code and compile it to run in a web browser. The code can be architecture-independent — so it can run on ARM or standard Intel x64/x86 processors — and it’s always sandboxed for security purposes. Theoretically, this could enable desktop-class applications written with native code in your web browser, and they should run nearly as fast as the same applications would run outside of the sandbox.
This technology is very interesting, but — in practice — isn’t used very frequently, even though it’s been around for years. The most prominent examples include some of the more complex games you’ll find on the Chrome Web Store. For example, the popular game “Bastion” was ported to Chrome via Native Client. Install it from the Chrome Web Store and launch it to see Native Client in action.
Adobe Flash Player
Yes, Chrome bundles the Adobe Flash Player plug-in along with Chrome itself. This allows Google to update Adobe Flash along with Chrome, ensuring users get the latest version of Flash via Chrome’s automatic update process.
This is actually a different version of the Flash plug-in. Google worked with Adobe to port their old NPAPI Flash plug-in code to the more modern PPAPI architecture, so this plug-in is sandboxed unlike the typical NPAPI Flash plug-in you’d use in Mozilla Firefox. Adobe now offers PPAPI versions of the Flash plug-in you can download if you use Chromium or Opera, too. But you don’t have to install anything extra if you’re using Chrome. Chrome just comes with an up-to-date, sandboxed version of Flash and keeps it up to date.
We still recommend you use click-to-play for Flash, anyway. It’ll help improve your browser’s security and also save battery life on your laptop as all that Flash content all over the web won’t automatically load. And, if you don’t want to use Flash, you still don’t have to — you could just disable it on Chrome’s plug-ins page.
Chrome Remote Desktop Viewer
Chrome also includes the Chrome Remote Desktop Viewer plug-in, which the Chrome Remote Desktop app needs. It allows you to remotely access your computer from anywhere. If you don’t install and configure Chrome Remote Desktop, this plug-in remains inactive and won’t do anything. If you’re extra paranoid about it, you could always disable it from the chrome://plugins page — although you can’t remove it from your system.
Install Google’s Chrome Remote Desktop app from the Chrome Web Store and you can use it to set up a remote desktop server on your computer. This will install a service that runs in the background, and you can use the Chrome Remote Desktop app on another computer running Chrome — or the Chrome Remote Desktop apps for Android or iOS — to remotely access your computer. It’s a convenient remote desktop solution that doesn’t require port-forwarding or firewall fiddling.
Chrome PDF Viewer
Chrome includes a built-in PDF viewing plug-in. When you click a PDF link on a web page, Chrome loads the lightweight PDF plug-in and uses it to display that PDF directly in a browser tab. You don’t have to use other PDF viewers or install the heavy Adobe Reader software and worry about installing security updates for it.
This PDF viewer can also display PDFs saved as files on your computer. Drag-and-drop a PDF file into Chrome to view it. Or, you can right-click a PDF file and tell Windows to always open PDF files in Chrome. Chrome will function as a capable PDF viewer.
Chrome’s built-in PDF viewer includes the basic viewing features you’ll need, but more advanced features — electronically signing a document, for example — will require a separate PDF viewer like Adobe Reader for Windows or Preview for Mac OS X. Don’t bother installing Adobe Reader if the built-in Chrome PDF Viewer works for you. If you’d rather download PDF files and use them in an external application every single time, you can disable the PDF viewer plug-in
Depending on your operating system, you may have some additional plug-ins installed by default. But these come from the operating system and other software installed, not Chrome. For example, Mac versions of Chrome will have a “Default Browser Helper” plug-in installed. This plug-in is included with Mac OS X and allows Apple to prompt you to make Safari your default browser while using Chrome — yes, it does seem rather silly.