Great news! After weeks of hard work Mozilla corporation has brought us the new Firefox 64. You can already test how your webapps looks, feels, and works in this new browser version as we have added it to our cross-browser testing platform.
Try Firefox 64 in Browserling now!
What's new in Firefox 64?
- Better recommendations: You may see suggestions in regular browsing mode for new and relevant Firefox features, services, and extensions based on how you use the web (for US users only).
- Enhanced tab management: You can now select multiple tabs from the tab bar and close, move, bookmark, or pin them quickly and easily.
- Easier performance management: The new Task Manager page found at about:performance lets you see how much energy each open tab consumes and provides access to close tabs to conserve power.
- Improved performance for Mac and Linux users, by enabling link time optimization via Clang LTO. Clang LTO was enabled for Windows users in Firefox 63.
- More seamless sharing on Windows: Windows users can now share web pages using the native sharing experience. You can access Share in the Page Actions menu.
- Added option to remove add-ons using the context menu on their toolbar buttons.
- New for enterprise users: Updated the policy engine on macOS to allow using configuration profiles to customize Firefox for enterprise deployments.
- RSS feed preview and live bookmarks are available only via add-ons.
- TLS certificates issued by Symantec are no longer trusted by Firefox. Website operators are strongly encouraged to replace any remaining Symantec TLS certificates as soon as possible.
- about:crashes has been redesigned to make it clear when a crash is being submitted to Mozilla, as well as being clear that removing crashes locally does not remove them from crash-stats.mozilla.com.
- The macOS keyboard shortcut to add "www" and ".com" to a URL is now ctrl-enter.
- You may now overlay multiple CSS grids at the same time (up to 3) in the CSS Grid Inspector.
- When hovering over elements in the Accessibility panel, the contrast ratio of text against background is now indicated.
- Added support for the new CSS scrollbar specification.
- WebVR is now available on macOS.
Developer details for Firefox 64
- The Accessibility info-bar has been enhanced to include information about the color contrast ratio of text or images on the page.
- Responsive Design Mode device selection is now saved between sessions.
- Resources that are potentially affected by Tracking Protection are now indicated in the Network Monitor.
- The Web Console got improvements around entering and evaluating code: Autocomplete for Console expressions is now case-insensitive, you can now step through the Console expression history with bash-like reverse search, evaluated code in the Console is now syntax-highlighted in both the input and output.
- The Developer Tools GCLI has been removed.
- CSS Scrollbars spec functionality has been enabled by default.
- Interaction Media Features implemented, including
any-hoverimplementation, see bug 1483111.
prefers-reduced-motionmedia feature is now supported in Firefox for Android.
<gradient>values now support multi-position color stop syntax, e.g.
yellow 25%, yellow 50%can now be written
yellow 25% 50%.
text-transformproperty now accepts the
- Support added for
-webkit-appearanceto alleviate associated web compat issues.
- Closely associated with the above update, we've also removed most of the Firefox-specific
list-itemis now supported on
path()s, as usable in
offset-path, are now animatable.
- If a selector chain or group includes a
-webkit-prefixed pseudo-element, that pseudo-element no longer invalidates it.
- The non-standard
displayvalues have been hidden from web content.
- The non-standard
::-moz-treepseudo-elements have been hidden from web content.
layout.css.filters.enabledpreference has been removed; CSS filters can no longer be disabled.
- A previous change - to swap the values of the 2-value
overflowsyntax so block is specified first and inline second.
- The TC39 Well-formed JSON.stringify proposal has been implemented, to prevent
JSON.stringifyfrom returning ill-formed Unicode strings.
- Proxied functions can now be be passed to
- In the
WebAssembly.Globalconstructor, if no value is specified a typed 0 value is used. This is specified by the
- A number of changes related to the Fullscreen API have been implemented: The API has been unprefixed, the
Document.exitFullscreen()methods both now return a
Promise, which is resolved when the mode change is complete, previously,
fullscreenerrorevents were dispatched to the
Documentfirst, then the
Element. This has been reversed so that the element gets the event first. This matches the latest specification as well as the behavior of Google Chrome.
- The WebVR API is now re-enabled in macOS.
Window.screenTophave been implemented, as aliases of
XMLHttpRequest.getAllResponseHeaders()method now returns header names all in lowercase, as per spec.
- The legacy
HTMLAllCollectioninterface has been updated as per recent spec updates.
Navigator.buildIDnow returns a fixed timestamp as a privacy measure.
- The following
Document.execCommand()UI feature commands have been disabled by default :
ServiceWorkerContainer.startMessages()method has been implemented.
PannerNode.coneOuterGainproperties now correctly throw exceptions when set to values outside their accepted ranges.
RTCRtpEncodingParameterssettings changed via
RTCRtpSender.setParameters()used to not update if the changes were made during a call. They will now update live, without renegotiation.
RTCIceCandidateStats.relayProtocolhas been implemented - this is the standardized version of
RTCIceCandidateStats.mozLocalTransport, which has now been deprecated.
- Automatic Gain Control (AGC) is now enabled by default; this can be changed using the preference
Window.eventproperty, added in Firefox 63 to aid with web compat issues, has been put behind a pref (
dom.window.event.enabled) and disabled by default in release versions for now due to other issues that have been uncovered. Note that this was actually done late in the Firefox 63 release cycle, but we are mentioning it here just in case.
LocalMediaStreaminterface and its
stop()method have been removed to learn how to stop an entire stream.
VideoStreamTrackinterfaces have been removed, as both have been deprecated for some time. Their functionality has been merged into
MediaStreamTrack; tracks are now identified by the value of their
kindproperty, such as
- The Symantec CA Distrust plan has been implemented.
Referrer-Policycan now be used to govern resources fetched via stylesheets - see Integration with CSS in Referrer-Policy for more information.
- Deprecated command end-points without the
singeTap) have been removed.
Shiftkey events by using
WebDriver:PerformActionsdidn't result in capitalized letters.
WebDriver:Navigatecould cause an infinite hang if the tab's underlying content process is changed multiple times during that navigation.
- To improve the performance, and to reduce the memory footprint of Firefox the default page to be loaded for a new tab or window is no longer
- The content blocking introduction panel, which was shown on various web pages and caused element interactions to fail is disabled by default now.
- A new API,
browser.menus.overrideContext(), can be called from the
contextmenuDOM event to set a custom context menu in extension pages. This API allows extensions to hide all default Firefox menu items in favor of providing a custom context menu UI. This context menu can consist of multiple top-level menu items from the extension, and may optionally include tab or bookmark context menu items from other extensions. See this blog post for more details.
browser.menus.overrideContext()was implemented in.
showDefaults: falseoption, which can be used to hide the default context menu options, was implemented in.
documentURLPatternscan now be used to match a
moz-extension://document URL, even if
browser.menus.overrideContext()is used. This way, it can reliably be used to restrict custom menu items to certain documents.
- You can now restrict where context menus can appear in an add-on using the new
menus.update()can now be used to update the icon of an existing menu item.
- Extensions can now detect which mouse button was used when a menu item was clicked - this can be found using the new
windows.create()method now has a new option available -
cookieStoreId- which specifies the
CookieStoreIdto use for all tabs that were created when the window is opened.
cookieConfigproperty is an object that can accept a
behaviorproperty - this property can now take a new value,
reject_trackers, which instructs the extension to reject tracking cookies.
Sidebar.setPage()method is now supported.
- The new
pinnedproperty of the
page_actionmanifest key enables extensionsto control whether their page actions should be pinned to the location bar on install or not.
- In native manifests on Windows, the 32-bit registry view (Wow6432Node) will be checked first for registry keys, followed by the "native" registry view; you should use whichever is appropriate for your application.
search_providerobject can now include new properties -
Security issues fixed in Firefox 64
- CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module.
- CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11.
- CVE-2018-18492: Use-after-free with select element.
- CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia.
- CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs.
- CVE-2018-18495: WebExtension content scripts can be loaded in about: pages.
- CVE-2018-18496: Embedded feed preview page can be abused for clickjacking.
- CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators.
- CVE-2018-18498: Integer overflow when calculating buffer sizes for images.
- CVE-2018-18510: Web content can link to internal about:crashcontent and about:crashparent pages.
- CVE-2018-12405,12406: Memory safety bugs fixed in Firefox 64.
Have fun cross-browser testing in Firefox 64!
Email this blog post to your friends or yourself!
Enter a URL to test, choose platform, browser and version, and you'll get a live interactive browser in 5 seconds!