Mozilla's Firefox 57 just came out and we just got it installed our cross-browser testing cloud at Browserling. Firefox 57 has codename Firefox Quantum as it incorporates brand new technology from Mozilla's research group. Are you as excited as we are?
Try it here immediately:
What's new in Firefox 57?
- A completely new browsing engine, designed to take full advantage of the processing power in modern devices.
- A redesigned interface with a clean, modern appearance, consistent visual elements, and optimizations for touch screens.
- A unified address and search bar.
- A revamped new tab page that includes top visited sites, recently visited pages, and recommendations from Pocket (in the US, Canada, and Germany).
- An updated product tour to orient new and returning Firefox users.
- Video decoding is shut down when the tab playing the media is sent to the background or the video is not visible on the screen.
- AMD VP9 hardware video decoder support for improved video playback with lower power consumption.
- An expanded section in preferences to manage all website permissions.
- Users can enable Tracking Protection at all times. Learn how to turn Tracking Protection on.
- Firefox now exclusively supports extensions built using the WebExtension API, and unsupported legacy extensions will no longer work.
- The browser's autoscroll feature, as well as scrolling by keyboard input and touch-dragging of scrollbars, now use asynchronous scrolling.
- The content process now has a stricter security sandbox that blocks filesystem reading and writing on Linux, similar to the protections for Windows and macOS that shipped in Firefox 56.
- Middle mouse paste in the content area no longer navigates to URLs by default on Unix systems.
- Removed the toolbar Share button.
- Some older versions of the ATOK IME, including ATOK 2006, 2008, 2009 and 2010, can cause crashes and are therefore disabled on the Windows 64-bit version of Firefox Quantum.
- The default font for Japanese text is now Meiryo.
Changes for Web developers in Firefox 57
- The date and time
<input>types are now enabled in all builds.
<link rel="preload">has been disabled in Firefox 57 because of various web compatibility issues.
standalonevalues of the
display-mode mediaquery are now supported.
grid-column-gapproperties are no longer reset by the grid shorthand.
layout.css.clip-path-shapes.enabledpreference has been removed.
Quantum CSS notes
Following bugs have been fixed in Quantum:
- Radial gradient values like
radial-gradient(circle gold,red)will work in the old Gecko style system, even though they shouldn't because of the missing comma between circle and gold.
- When you animate an offscreen element onscreen but specify a delay, Gecko does not repaint on some platforms, e.g. Windows.
- In Gecko,
<details>elements can't be made open by default using the
openattribute if they have an animation active on them.
- In Gecko,
transitionswill not work when transitioning from a
text-shadowwith a color specified to a
text-shadowwithout a color specified.
- In Gecko, cancelling a filling animation can trigger a transition set on the same element, although only once.
- Animations using em units are not affected by changes to the
font-sizeon the animated element's parent in Gecko, whereas they should be.
- Gecko also deals with
font-sizeinheritance differently from Quantum CSS, meaning that for some language settings inherited font sizes end up being smaller than expected.
- Gecko reuses the same mechanism used when parsing a url-token when parsing the
url-prefix()URL matching functions for a
@-moz-documentrule. Quantum CSS does not use the same mechanism and it does not consider tokens invalid when they contain brackets or quotes.
- Fixed - In Gecko, when you set a system font as the value of a canvas 2D context's
font(e.g. menu), getting the font value fails to return the expected font (it returns nothing).
- In Gecko, when you create a detached subtree (e.g. a
createElement()that is not yet inserted into the DOM), the subtree's root element is set as a block-level element. In Quantum CSS this is set as inline, as per spec.
- In Gecko,
calc()expressions are rejected — causing the value to be invalid — when used as the radius component of a
- Fixed - In Gecko,
calc(1*2*3)is not parsed successfully.
- In Quantum CSS,
calc()is supported everywhere that the spec explains it should be and in Gecko it is not.
- Gecko had a bug whereby the
::afterpseudo-elements are still generated even if the content property value is set to normal or
- Another Gecko bug means that the
background-positionproperty can't be transitioned between two values containing different numbers of
- The non-standard
for each...in(E4X) loop has been removed.
unwatch()methods are deprecated.
- The non-standard
StopIterationobjects as well as the legacy iteration protocol have been removed.
- Async generator is now enabled.
- for await (... of ...) syntax is now enabled.
PerformanceObserverAPI is now enabled by default.
AbortSignalinterfaces (known as the Abort API) have been added, allowing DOM requests (such as fetch requests) to be aborted if desired.
- The Storage API is implemented and enabled by default.
Selection.typeproperty of the Selection API is now implemented.
Document.createEvent('FocusEvent')is now supported.
filesproperty of the HTMLInputElement interface is now settable.
HTMLDocument.getSelection()method has been moved to the
Documentinterface so it is available to XML documents.
messageerrorevent is now implemented, and can have code run in response to it firing via event handlers implemented on message targets.
Headersvalues are iterated over, they are automatically sorted in lexicographical order, and values from duplicate header names are combined.
- Support for messages of arbitrary size (up to 1GiB, although 256kiB is more interoperable) is now supported on
RTCDataChannelthrough use of the end-of-record (EOR) flag on SCTP messages.
RTCDataChannel.send()method can now throw a
TypeErrorexception if the size of the message you're trying to send is not compatible with the receiving user agent.
- The MediaStream Recording API has been updated so that
errorevents sent to report problems that occur while recording are now of type
MediaRecorderErrorEventrather than being generic events.
- Updated the documentation around
OfflineAudioContextsince its constructor's inputs can now be specified in an object rather than as a list of parameters.
- Mozilla's proprietary Social API has been completely removed.
resource://URLs no longer leak information.
- Data URIs are now treated as unique opaque origins, rather than inheriting the origin of the settings object responsible for the navigation.
- Firefox headless mode now includes a
-screenshotflag that allows you to take website screenshots directly from the command line.
Changes for add-on and Mozilla developers
The following APIs have been added or extended:
bookmarks: support for separators through
theme_iconsproperty for light/dark theme icons.
FindProxyForURL()can now return an object.
runtime.openOptionsPage()support on Android.
tabs.create()can open "view-source:" URLs,
Bug fixes in Firefox 57
- CVE-2017-7828: Use-after-free of PressShell while restyling layout.
- CVE-2017-7830: Cross-origin URL information leak through Resource Timing API.
- CVE-2017-7832: Domain spoofing through use of dotless 'i' character followed by accent markers.
- CVE-2017-7833: Domain spoofing with Arabic and Indic vowel marker characters.
- CVE-2017-7834: data: URLs opened in new tabs bypass CSP protections.
- CVE-2017-7835: Mixed content blocking incorrectly applies with redirects.
- CVE-2017-7836: Pingsender dynamically loads libcurl on Linux and OS X.
- CVE-2017-7837: SVG loaded as can use meta tags to set cookies.
- CVE-2017-7838: Failure of individual decoding of labels in international domain names triggers punycode display of entire IDN.
- CVE-2017-7840: Exported bookmarks do not strip script elements from user-supplied tags.
- CVE-2017-7842: Referrer Policy is not always respected for elements.
- CVE-2017-7827: Memory safety bugs fixed in Firefox 57.
- CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5.
Unresolved issues in Firefox 57
- Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions. Learn how to mitigate this issue until it is corrected in an upcoming release.
- Users running screen readers may experience performance issues and are advised to use Firefox ESR until performance issues are resolved in an upcoming future release
- On Windows and Linux, Firefox crashes occasionally on Intel Broadwell-U processors with old microcode. Windows users should ensure Windows Update is set to install updates. Linux users should ensure that the distribution package for Intel microcode is installed.
Have fun cross-browser testing your webapps in Firefox 57!
Email this blog post to your friends or yourself!
Enter a URL to test, choose platform, browser and version, and you'll get a live interactive browser in 5 seconds!