[eridius]

If FedEx relies on opening a .swf file directly in a new window, you need to select Run Always, because Google apparently doesn't give a shit about doing things right and made it so no amount of whitelisting will allow it to run .swf files directly (instead it just downloads the .swf).

[dkersten]

Where flash is concerned, for me, doing things right is exactly what Google are doing here.

[eridius]

No, they really aren't. If a site opens a .swf file in a new window, Chrome should behave exactly as though it opened an HTML page that embedded the SWF, i.e. letting me approve it, and playing it if I've whitelisted the domain. Instead it will always download the SWF if you have your Flash content settings set to anything else besides Run Always. It's really stupid and it means I have to keep Flash enabled globally (which I really don't want to do) simply because Google doesn't care enough to handle edge cases properly.

[sqeaky]

Doing things "right"...

I would rather know where flash beings and ends and have to jump through hoops. Actually I would prefer it never run at all ever. Flash not run is "right".

There have been too many security flaws where Flash would allow remote execution of arbitrary code, and that eventually means viruses. If my family gets a virus, then I am on the hook for it.

[eridius]

Yes, this is precisely why Chrome's current behavior is awful. It's forcing me to set Flash to "Run Always", which is a security and privacy problem, simply because one site I use opens .swf files in new windows instead of embedding them in HTML pages.