Good news! Firefox 56 is here. It was released today and has several brand new features such as built-in screenshots so you don't have to use an extension and features from Firefox Quantum that is the next major release.

Firefox 56 About Dialog

You can already try it within your browser with Browserling:

What's new in Firefox 56?

  • Launched Firefox Screenshots, a feature that lets users take, save, and share screenshots without leaving the browser.
  • Added support for address form autofill (en-US only).
  • Added search tool so users can find a specific setting quickly.
  • Reorganized preferences so users can more easily scan settings.
  • Rewrote descriptions so users can better understand choices and how they affect browsing.
  • Revised data collection choices so they align with updated Privacy Notice and data collection strategy.
  • Media opened in a background tab will not play until the tab is selected.
  • Improved Send Tabs feature of Sync for iOS and Android, and Send Tabs can be discovered even by users without a Firefox Account.
  • Replaced character encoding converters with a new Encoding Standard-compliant implementation written in Rust.
  • Added hardware acceleration for AES-GCM.
  • Updated the Safe Browsing protocol to version 4.
  • Reduced update download file size by approximately 20 percent.
  • Improved security for verifying update downloads.

Changes for Web developers in Firefox 56

Developer Tools

  • Display Negative Line Numbers in CSS Grid Inspector.
  • The new CSS Grid Layout Panel is now available, allowing much better CSS Grid debugging facilities.

HTML

  • Implemented the labels property for labelable form controls.
  • Implemented <link rel="preload">.
  • The <isindex> element has been removed from the HTML parser, and from form submission.
  • The <applet> element has been removed.

CSS

  • Implemented the proprietary Mozilla-specific <color> values -moz-win-accentcolor and -moz-win-accentcolortext.

JavaScript

  • The Intl API has been enabled on Firefox for Android.

APIs

  • On Mac, Document.hidden is now true when the window is behind another non-translucent application.
  • The Gamepad.displayId property has been implemented.
  • The PerformanceTiming.secureConnectionStart property has been implemented.
  • Firefox used to accept iso-2022-jp-2 sequences silently when an iso-2022-jp TextDecoder() was instantiated, however this has now been removed to simplify the API, as no other browsers support it and no pages seem to use it.
  • The 4ms clamping behaviour of setTimeout() and setInterval() has been updated to be more in line with other browsers, as described in Timeouts throttled to >=4ms.
  • The Page Visibility API's Document.onvisibilitychange handler has been added.
  • The Window.showModalDialog() method has been removed.
  • The implementation of the HTMLFormElement.action, HTMLInputElement.formAction, and HTMLButtonElement.formAction properties has been updated so that they return the correct form submission URL, as per spec.
  • GlobalEventHandlers.onwheel is now available on HTMLElement — it wasn't before.
  • Firefox now supports the RTCPeerConnection properties which let you examine the current and pending configurations of the local and remote ends of the connection, to help manage changes in configuration: currentLocalDescription, pendingLocalDescription, currentRemoteDescription, and pendingRemoteDescription.
  • Hardware encoding of media is now enabled by default on Android.
  • The CanvasRenderingContext2D.drawImage() method has been updated s-o that smoothing occurs when downscaling even if imageSmoothingEnabled is false.
  • An SVGImageElement can now be used as a CanvasImageSource, e.g. as the image source in a drawImage() call.

Plugins

  • Firefox for Android has removed all support for plugins.

Other

  • Gecko now encodes URLs internally as punycode, to avoid URL encoding problems.
  • Firefox on Windows and Mac OS X can now be made to run in headless mode using the -headless flag.

Changes for add-on and Mozilla developers

  • browsingData.RemovalOptions gets "hostnames" option for cookies.
  • browsingData.settings() and browsingData.removeCookies() are now supported on Firefox for Android.
  • browserSettings.cacheEnabled.
  • browser_style usage is changed.
  • chrome_settings_overrides.search_provider.is_default.
  • contextMenus renamed to menus.
  • cookies.set() and cookies.remove() now work in private browsing mode.
  • devtools.panels.elements.onSelectionChanged.
  • downloads.open() can now only be called from a user action.
  • FindProxyForURL "DIRECT" return type no longer takes an argument.
  • history.onVisited now includes the page title if it is known.
  • management.get() and management.getAll().
  • menus now supports the "tools_menu" context.
  • menus.OnClickData now has "linkText".
  • menus.create() now has an "icons" option.
  • notifications.onShown.
  • pageAction.show() and pageAction.hide() are now supported on Firefox for Android.
  • permissions now supports "unlimitedStorage".
  • privacy.services now includes passwordSavingEnabled.
  • privacy.websites.referrersEnabled.
  • protocol_handlers now supports "gopher".
  • proxy.registerProxyScript() is renamed to proxy.register().
  • proxy.unregister().
  • runtime.onInstalled gets temporary flag.
  • tabs.print(), tabs.PageSettings, tabs.printPreview(), tabs.saveAsPDF().
  • tabs.Tab.lastAccessed.
  • theme.reset().
  • windows.create() and windows.update() now support prefacing window title.

Bug fixes in Firefox 56

  • CVE-2017-7793: Use-after-free with Fetch API.
  • CVE-2017-7817: Firefox for Android address bar spoofing through fullscreen mode.
  • CVE-2017-7818: Use-after-free during ARIA array manipulation.
  • CVE-2017-7819: Use-after-free while resizing images in design mode.
  • CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE.
  • CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes.
  • CVE-2017-7812: Drag and drop of malicious page content to the tab bar can open locally stored files.
  • CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings.
  • CVE-2017-7813: Integer truncation in the JavaScript parser.
  • CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces.
  • CVE-2017-7815: Spoofing attack with modal dialogs on non-e10s installations.
  • CVE-2017-7816: WebExtensions can load about: URLs in extension UI.
  • CVE-2017-7821: WebExtensions can download and open non-executable files without user interaction.
  • CVE-2017-7823: CSP sandbox directive did not create a unique origin.
  • CVE-2017-7822: WebCrypto allows AES-GCM with 0-length IV.
  • CVE-2017-7820: Xray wrapper bypass with new tab and web console.
  • CVE-2017-7811: Memory safety bugs fixed in Firefox 56.
  • CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4.

Unresolved issues in Firefox 56

  • Startup crash with RelevantKnowledge adware installed. Firefox Support has helpful instructions to remove it.
  • Startup crashes with 64-bit Firefox on Windows 7, for users of Lenovo's "OneKey Theater" software for IdeaPad laptops. To fix this crash, please re-install 32-bit Firefox.
  • Users running Firefox for Windows over a Remote Desktop Connection (RDP) may find that audio playback is disabled due to increased security restrictions. Learn how to mitigate this issue until it is corrected in an upcoming release.
  • Due to a bug in Mac OS X High Sierra, fullscreen mode has some issues.

Have fun cross-browser testing your webapps in Firefox 56!