ProHoster > Blog > internet news > Firefox 68

Firefox 68

Available Firefox 68 release.

Major changes:

  • Completely rewritten address bar code - HTML and JavaScript are used instead of XUL. The external differences between the old (Awesome Bar) and the new (Quantum Bar) line are only that the ends of the lines that do not fit into the address bar now fade out instead of cutting (...), and to delete entries from the history, instead of Delete / Backspace, you need to use Shift+Delete/Shift+Backspace. The new address bar is faster and allows you to expand your experience with add-ons.
  • The add-ons management page (about:addons) has also been completely rewritten to Web API. Delete/disable buttons moved to the menu. In the properties of add-ons, you can see requested permissions and release notes. A separate section has been added for disabled add-ons (previously they were just placed at the end of the list), as well as a section with recommended add-ons (each version undergoes a thorough security check). Now you can report a malicious or too slow add-on.
  • The code responsible for restoring the previous session is rewritten from JS to C++.
  • Added an about:compat page where you can manage site-specific "fixes". These are temporary fixes for websites that don't work correctly (for example, changing the user agent or running scripts that fix work in Firefox). about:compat makes it easy to view active fixes and allows web developers to disable them for testing purposes.
  • Synchronization settings can be accessed directly from the main menu.
  • The dark theme in reading mode is applied not only to the content of the page, but also to the interface (toolbars, sidebars, controls).
  • Firefox will attempt to automatically fix HTTPS errorscaused by third-party antivirus software. Firefox has historically used its own certificate store instead of the system one, which has a positive impact on safety, but requires antivirus software to import its root certificate into the browser's store, which some vendors neglect. If the browser detects a MitM attack (which can be caused by an antivirus that is trying to decrypt and check the traffic), it will automatically enable the security.enterprise_roots.enabled setting and try to use certificates from the system store (only certificates added there by third-party software are used, certificates supplied with with the OS are ignored). If this helped, then the setting will remain enabled. If the user explicitly disables security.enterprise_roots.enabled, then the browser will not attempt to enable it. In the new release of ESR, this setting is enabled by default. In addition, an icon has been added to the notification area (to the left of the address bar), indicating that the site you are viewing uses a certificate imported from the system store. The developers note that the use of system certificates does not affect security (only certificates added to the system third-party software are used, and since third-party software got the right to add them there, it could just as well add them to the Firefox repository).
  • Requests to allow push notifications will not be shown until the user explicitly interacts with the page.
  • Access to camera and microphone from now on can only be executed from a secure context (i.e. from pages loaded via HTTPS).
  • After 2 years, a symbol was added to the stop list (a list of characters that are not allowed in domain names) Κʻ / ĸ (U+0138, *Kra*). In the capital version, it looks like the Latin “k” or the Cyrillic “k”, which could play into the hands of phishers. All this time, the developers tried to resolve the issue through the Unicode technical committee (add this character to the “historical” category), but they forgot about it when the next edition of the standard was released.
  • In official builds, you can no longer disable multiprocessing. Single-process mode (in which the browser interface and the contents of the tabs run in the same process) is less secure and not fully tested, which may lead to stability issues. For lovers of single-process mode workarounds provided.
  • Changed behavior when synchronizing settings. From now on, only the settings included in the list defined by the developers are synchronized by default. You can return the previous behavior (synchronize absolutely all changed settings) through about:config.
  • The following CSS properties have been implemented: scroll-padding, scroll-margin, scroll-snap-align, counter-set, -webkit-line-clamp.
  • Added pseudo element support ::marker and its animations.
  • Primitive support enabled by default BigInt.
  • window.open() now respects the passed parameter "noreferrer".
  • Added support HTMLImageElement.decode() (loading images before adding them to the DOM).
  • Lots of improvements in developer tools.
  • Localizations bn-BD and bn-IN merged into bengali (bn).
  • Removed localizations left without maintainers: Assamese (as), South African English (en-ZA), Maithili (mai), Malayalam (ml), Oriya (or). Users of these languages ​​will be automatically switched to British English (en-GB).
  • API WebExtensions got tools for working with userscripts. This has the potential to address security issues (unlike Greasemonkey/Violentmonkey/Tampermonkey, each script runs in its own sandbox) and stability (no race between page load and script insertion), and allows the script to be executed at the desired page load stage.
  • The view_source.tab setting has been returned, allowing you to open the source code of the page in the same tab, and not in a new one.
  • The dark theme can now be applied to browser service pages (for example, the settings page), the browser.in-content.dark-mode setting is responsible for this.
  • Windows 10 devices with AMD graphics cards have WebRender enabled.
  • A fresh install on Windows 10 will add a shortcut to the taskbar.
  • The Windows version now uses Background Intelligent Transfer Service (BITS).

Developer release notes

Source: linux.org.ru

Add a comment