web browser release and Firefox 68.2 for the Android platform. In addition, an update has been long term support (maintenance of the previous 60.x ESR branch has been discontinued). Coming soon to the stage the Firefox 71 branch will be switched, in accordance with The release is scheduled for December 3rd.
:
- In advanced anti-tracking mode blocking social media widgets that track user movement on third-party sites (for example, Facebook Like buttons and Twitter embeds). For forms of authentication through an account on social networks, it is possible to temporarily disable the blocking;
- Added a summary report on completed locks, in which you can track the number of locks by day of the week and type;
- System add-on included (previously the add-on was shipped as Lockbox), which new "about:logins" interface for managing saved passwords. The add-on displays a button on the panel through which you can quickly view the accounts saved for the current site, as well as perform search and edit password operations. It is possible to access saved passwords through a separate mobile application , which supports auto-completion of passwords in the authentication forms of any mobile applications;
- Integrated system add-on Which displaying a warning in case of account compromise (verification by email) or an attempt to enter a previously hacked site. Verification is carried out through integration with the database of the haveibeenpwned.com project;
- The password generator is activated by default, when filling out registration forms, it displays a hint with an automatically generated strong password. A tooltip is automatically displayed for βΉinput type="password"βΊ fields with the attribute "autocomplete = new-password". Without this attribute, a password can be generated via the context menu;
- Instead of the "(i)" button in the address bar, there is a privacy level indicator that allows you to judge the activation of the movement tracking blocking modes. The indicator turns gray when the motion tracking blocking mode is enabled in the settings and there are no elements on the page to be blocked. The indicator turns blue when certain elements that violate privacy or are used for movement tracking are blocked on the page. The indicator is crossed out when the user has disabled tracking protection for the current site.
- Pages opened via HTTP or FTP are marked with an insecure connection icon, which is also displayed for HTTPS in case of problems with certificates. The color of the lock symbol for HTTPS has been changed from green to gray (it will be possible to return the green color through the security.secure_connection_icon_color_gray setting). The move away from security indicators in favor of security alerts is driven by the ubiquity of HTTPS, which is already taken for granted rather than additional protection.
- In the address bar displaying the company name when using a verified EV certificate on the site. The information was removed because it could mislead the user and be used for phishing (for example, the company βIdentity Verifiedβ was registered, whose name in the address bar was perceived as an indicator of verification). Information about the EV-certificate can be viewed through the drop-down menu when clicking on the lock icon. You can return the display of the company name from the EV certificate in the address bar through the "security.identityblock.show_extended_validation" setting in about:config.
- To JavaScript engine a new "baseline" bytecode interpreter that occupies an intermediate niche between a regular interpreter and a preliminary "baseline" JIT compiler. The new interpreter is significantly faster than the old interpreter and shares bytecode processing routines, cache, and profiling data with the "baseline" JIT compiler. An additional interpreter allows you to speed up the execution of commonly used JavaScript functions after they are rolled back from an optimized JIT (Ion JIT) to the compilation stage for a non-optimized "baseline" JIT, for example, after the function is called with arguments of other types.
In complex web applications, compiling for the "baseline" JIT and making optimizations for the Ion JIT is time-consuming, and an additional fast interpreter allows for an overall performance increase and a slight reduction in memory consumption. In our tests, the inclusion of an additional interpreter that uses shared statistics and an inline cache with JIT resulted in a 2-8% reduction in page load time, and the performance of web developer tools increased by 2-10%;
- In builds for Linux default application of the compositing system for AMD, Intel and NVIDIA GPUs (Nouveau driver only), when using Mesa 18.2 or later on the system. In Windows builds, in addition to previously supported AMD and NVIDIA GPUs, WebRender is now enabled for Intel GPUs. Compositing system written in Rust and outsources page content rendering operations to the GPU side.
Using WebRender instead of Gecko's built-in CPU-based compositing engine, GPU-based shaders are used to perform page element summary rendering operations, resulting in a significant increase in rendering speed and reducing CPU load. To force WebRender to be enabled in about:config, you can change the "gfx.webrender.all" and "gfx.webrender.enabled" settings;
- support for page lockdown mode, developed under the codename . In this mode, the pages of different sites are always placed in the memory of different processes, each of which uses its own isolated sandbox (sandbox). Separation by processes is carried out not by tabs, but by domains, which allows you to further isolate the contents of external scripts and iframe blocks. The strict isolation mode is controlled in about:config using the "fission.autostart" option (enablement in releases is currently blocked);
- logo and name changed from Firefox Quantum to Firefox Browser;
- output of authorization requests initiated from iframes loaded from another domain (cross-origin). Change block some abuses and move to a model in which permissions are requested only from the primary domain for the document, which is shown in the address bar;
- rendering the contents of files uploaded via ftp (for example, images, READMEs and html files will no longer be displayed when opened via ftp). When opening resources via FTP, the dialog for uploading a file to disk will now be immediately called, regardless of the content type;
- In the address bar an indicator of granting access to the location, which will allow you to visually assess the activity of the Geolocation API and, if necessary, will make it possible to revoke the right to use the site from the site. So far, the indicator has only been displayed before permissions are granted and if the request is denied, but disappears when accessing the Geolocation API. Now the indicator will inform the user about the presence of such access;
- an extended interface for viewing TLS certificates, available through the "about:certificate" page (the old interface is used by default, the new one is enabled via security.aboutcertificate.enabled in about:config). If earlier a separate window was opened to view certificates, now the information is displayed in a tab in a form resembling an add-on . Complete Certificate View Interface Implementation using JavaScript and standard web technologies;
- Added a section to the account management menu to access advanced Firefox services such as Monitor and Send;
- A new "gift" icon has been added to the main menu and panel, through which you can get information about new releases and their key features;
- Built-in Firefox pages (about:*) adapted to display with dark theme settings;
- Improved readability of underlined or strikethrough text, including links - lines now break (flow around) without crossing glyphs;
- In themes support for the accentcolor, textcolor, and headerURL properties, which were aliases for the frame, tab_background_text, and theme_frame properties (themes hosted on addons.mozilla.org have been updated automatically);
- Added CSS properties , ΠΈ , which allow you to adjust the thickness, indentation and breaks for lines used to underline and strike through text;
- In the CSS property ""Added the ability to specify two attributes at once, for example, "display: block flex" or "display: inline flex";
- Transparency values ββin the opacity and stop-opacity CSS properties can now be set as a percentage;
- To CSS property added support for xxx-large value;
- In JavaScript the ability to visually separate large numbers using underscores, for example, "myNumber = 1_000_000_000_000";
- Added new mentod , which is a variant of the Intl.RelativeTimeFormat.format() method that returns an array of objects in which each element represents a different part of the formatted value, instead of returning the entire formatted string;
- The size of the "Referer" HTTP header is limited to 4 KB; if this value is exceeded, the content is truncated to the domain name;
- Tools for developers in the Accessibility panel have been added to audit the ease of navigation between elements using the keyboard, as well as a simulator of how color blind people see the page;
- The color picker tool now displays a contrast indicator for a given color relative to the background color to assess perception by visually impaired people;
- In CSS inspect mode, CSS definitions that do not affect the unselected element are now grayed out with a tooltip that indicates the reason for ignoring and possible fixes;
- Added the ability to set breakpoints in the debugger that are triggered when DOM elements change () and allowing you to track the moments when the script adds, removes or updates the page content;
- For add-on developers, the ability to inspect data in the browser.storage.local storage is implemented;
- A search feature has been added to the Network Activity Inspection mode, allowing you to quickly find elements of requests and responses. The search includes HTTP headers, Cookies, and request/response bodies;
- The page compositing code on the macOS platform has been optimized to reduce CPU load, speed up page loading (up to 22%), and reduce resource usage when playing videos (up to 37%). macOS builds also added support for importing passwords saved in Chrome;
- Firefox 68.1 corrective update has been prepared for Android. Recall that the formation of new significant releases of Firefox for Android has been discontinued. To replace Firefox for Android codenamed Fenix ββ(distributed as ) a new browser for mobile devices using the GeckoView engine and the Mozilla Android Components library set. A few days ago a new experimental release of Firefox Preview 2.2 that fixes several significant issues in the user interface and user experience. Of the changes compared to notes the addition of an option to clear all data on exit and the ability to open links by default in private browsing mode.
In addition to innovations and bug fixes in Firefox 70, , of which 12 (collected under one CVE-2019-11764) as critical and could potentially lead to the execution of malicious code when opening specially designed pages.
Source: opennet.ru