ProHoster > Blog > internet news > Firefox 108 release

Firefox 108 release

The Firefox 108 web browser has been released. In addition, an update to the long-term support branch, 102.6.0, has been formed. The Firefox 109 branch, which is scheduled for release on January 17, will soon be transferred to the beta testing stage.

Key innovations in Firefox 108:

  • Added keyboard shortcut Shift+ESC to quickly open the process manager page (about:processes), which allows you to evaluate which processes and internal threads are consuming excessive memory and CPU resources.
    Firefox 108 release
  • Optimized animation frame scheduling under high load conditions to improve MotionMark scores.
  • When printing and saving PDF forms, the ability to use characters in languages ​​other than English is provided.
  • Implemented support for the correct color correction of images, in accordance with ICCv4 color profiles.
  • The "Only show on New Tab" setting for showing the bookmarks bar correctly works for empty new tabs.
  • Cookiebanners.bannerClicking.enabled and cookiebanners.service.mode settings have been added to about:config to auto-click on banners that request permission to use cookies on sites. In the interface of nightly builds, switches have been implemented to control auto-clicking on Cookie banners in relation to certain domains.
  • The Web MIDI API has been added, which allows interacting with musical devices connected to the user's computer with a MIDI interface from a web application. The API is only available for pages loaded over HTTPS. When calling the navigator.requestMIDIAccess() method, if there are MIDI devices connected to the computer, the user is prompted to install the Site Permission Add-on required to activate access (see description below).
  • An experimental Site Permission Add-on mechanism has been proposed to control site access to potentially dangerous APIs and features that require extended privileges. Harmful refers to capabilities that can physically damage hardware, make irreversible changes, be used to install malicious code on devices, or leak user data. For example, in the context of the Web MIDI API, a Permission Add-on is used to grant access to an audio synthesis device connected to a computer.
  • Support for import maps is enabled by default, allowing you to control which URLs will be loaded when importing JavaScript files via import and import() statements. The import map is specified in JSON format in the element с новым атрибутом «importmap». Например: { «imports»: { «moment»: «/node_modules/moment/src/moment.js», «lodash»: «/node_modules/lodash-es/lodash.js» } }

    After declaring this import map in JavaScript code, to load and execute the JavaScript module '/node_modules/moment/src/moment.js', you can use the expression 'import moment from 'moment';' without detailing the path (equivalent to 'import moment from "/node_modules/moment/src/moment.js";').

  • In the element " "implemented support for the "height" and "width" attributes that define the height and width of the image in pixels. The specified attributes are valid only when the element " » is nested in the element « ' and are ignored when nesting in elements And . To disable processing "height" and "width" in added setting "dom.picture_source_dimension_attributes.enabled" to about:config.
  • CSS provides a set of trigonometric functions sin(), cos(), tan(), asin(), acos(), atan(), and atan2().
  • CSS implements the round() function to select a rounding strategy.
  • Type is implemented in CSS , which allows you to use well-known mathematical constants, such as Pi and E, as well as the values ​​of infinity and NaN, in mathematical functions. For example, "rotate(calc(1rad * pi))".
  • The CSS query “@container”, which allows you to style elements depending on the size of the parent element (an analogue of the “@media” query, which is applied not to the size of the entire visible area, but to the size of the block (container) in which the element is placed), has been added experimental support for cqw (1% of width), cqh (1% of height), cqi (1% of inline size), cqb (1% of block size), cqmin (smallest cqi or cqb value) and cqmax ( largest value of cqi or cqb). The feature is disabled by default and is enabled via the layout.css.container-queries.enabled setting in about:config.
  • JavaScript has added the Array.fromAsync method to create an array from asynchronously received data.
  • Support for "style-src-attr", "style-src-elem", "script-src-attr" and "script-src-elem" directives has been added to the CSP (Content Security Policy) HTTP header, providing the functionality of style and script, but with the ability to apply them to individual elements and event handlers such as onclick.
  • Added a new domContentLoaded event that is called when the content has finished loading.
  • Added forceSync option to .get() method to force synchronization.
  • Implemented a separate area of ​​the panel for placing widgets WebExtension-add-ons.
  • The logic of the blacklist of Linux drivers incompatible with WebRender has been changed. Instead of maintaining a white list with working drivers, a switch was made to maintaining a black list of problematic drivers.
  • Improved Wayland protocol support. Added handling of the XDG_ACTIVATION_TOKEN environment variable with an activation token for the xdg-activation-v1 protocol, with which one application can switch focus to another. Fixed problems that occurred when moving the bookmarks with the mouse.
  • Panel animation is enabled on most Linux systems.
  • About:config provides a setting gfx.display.max-frame-rate to limit the maximum frame rate.
  • Added support for the Emoji 14 character specification.
  • The WebGL extension OES_draw_buffers_indexed is enabled by default.
  • Implemented the ability to use the GPU to speed up Canvas2D rasterization.
  • On the Windows platform, sandbox isolation of processes interacting with the GPU is enabled.
  • Added support for SIMD instructions FMA3 (multiply-add with one round).
  • Background tab processes on the Windows 11 platform now run in Efficiency mode, which causes the Task Scheduler to decrease execution priority to reduce CPU usage.
    Firefox 108 release
  • Improvements in Android version:
    • Added the ability to save a web page as a PDF document.
    • Implemented support for grouping tabs in a panel (tabs can be swapped after holding down a tap on a tab).
    • Provided a button to open all bookmarks from the specified section in new tabs in a new window or in incognito mode.

In addition to innovations and bug fixes, Firefox 108 fixes 20 vulnerabilities. 16 vulnerabilities are marked as dangerous, of which 14 vulnerabilities (collected under CVE-2022-46879 and CVE-2022-46878) are caused by memory problems, such as buffer overflows and access to already freed memory areas. These issues can potentially lead to malicious code being executed when specially designed pages are opened. Vulnerability CVE-2022-46871 is associated with the use of code from an outdated version of the libusrsctp library, which contains unpatched vulnerabilities. Vulnerability CVE-2022-46872 allows an attacker with access to a page-processing process to bypass sandbox isolation in Linux and read the contents of arbitrary files through manipulation of IPC messages associated with the clipboard.

Source: opennet.ru

Add a comment