Great news! After weeks of hard work Mozilla corporation has brought us the new Firefox 64. You can already test how your webapps looks, feels, and works in this new browser version as we have added it to our cross-browser testing platform.

Firefox 64 Version

Try Firefox 64 in Browserling now!

What's new in Firefox 64?

  • Better recommendations: You may see suggestions in regular browsing mode for new and relevant Firefox features, services, and extensions based on how you use the web (for US users only).
  • Enhanced tab management: You can now select multiple tabs from the tab bar and close, move, bookmark, or pin them quickly and easily.
  • Easier performance management: The new Task Manager page found at about:performance lets you see how much energy each open tab consumes and provides access to close tabs to conserve power.
  • Improved performance for Mac and Linux users, by enabling link time optimization via Clang LTO. Clang LTO was enabled for Windows users in Firefox 63.
  • More seamless sharing on Windows: Windows users can now share web pages using the native sharing experience. You can access Share in the Page Actions menu.
  • Added option to remove add-ons using the context menu on their toolbar buttons.
  • New for enterprise users: Updated the policy engine on macOS to allow using configuration profiles to customize Firefox for enterprise deployments.
  • RSS feed preview and live bookmarks are available only via add-ons.
  • TLS certificates issued by Symantec are no longer trusted by Firefox. Website operators are strongly encouraged to replace any remaining Symantec TLS certificates as soon as possible.
  • about:crashes has been redesigned to make it clear when a crash is being submitted to Mozilla, as well as being clear that removing crashes locally does not remove them from crash-stats.mozilla.com.
  • The macOS keyboard shortcut to add "www" and ".com" to a URL is now ctrl-enter.
  • You may now overlay multiple CSS grids at the same time (up to 3) in the CSS Grid Inspector.
  • The Web Console's command line now highlights JavaScript syntax.
  • When hovering over elements in the Accessibility panel, the contrast ratio of text against background is now indicated.
  • Added support for the new CSS scrollbar specification.
  • WebVR is now available on macOS.

Developer details for Firefox 64

  • The Accessibility info-bar has been enhanced to include information about the color contrast ratio of text or images on the page.
  • Responsive Design Mode device selection is now saved between sessions.
  • Resources that are potentially affected by Tracking Protection are now indicated in the Network Monitor.
  • The Web Console got improvements around entering and evaluating code: Autocomplete for Console expressions is now case-insensitive, you can now step through the Console expression history with bash-like reverse search, evaluated code in the Console is now syntax-highlighted in both the input and output.
  • Stepping in the JavaScript Debugger also had some improvements: stepping out of a function in the Debugger now skips the return value.
  • The Developer Tools GCLI has been removed.
  • CSS Scrollbars spec functionality has been enabled by default.
  • Interaction Media Features implemented, including pointer:coarse. For any-pointer and any-hover implementation, see bug 1483111.
  • The prefers-reduced-motion media feature is now supported in Firefox for Android.
  • CSS <gradient> values now support multi-position color stop syntax, e.g. yellow 25%, yellow 50% can now be written yellow 25% 50%.
  • The text-transform property now accepts the full-size-kana value.
  • Support added for -webkit-appearance to alleviate associated web compat issues.
  • Closely associated with the above update, we've also removed most of the Firefox-specific -moz-appearance values.
  • display: list-item is now supported on <legend> elements.
  • SVG path()s, as usable in offset-path, are now animatable.
  • If a selector chain or group includes a -webkit-prefixed pseudo-element, that pseudo-element no longer invalidates it.
  • The non-standard -moz-box and -moz-inline-box display values have been hidden from web content.
  • The non-standard ::-moz-tree pseudo-elements have been hidden from web content.
  • The layout.css.filters.enabled preference has been removed; CSS filters can no longer be disabled.
  • A previous change - to swap the values of the 2-value overflow syntax so block is specified first and inline second.
  • The TC39 Well-formed JSON.stringify proposal has been implemented, to prevent JSON.stringify from returning ill-formed Unicode strings.
  • Proxied functions can now be be passed to Function.prototype.toString``.call().
  • In the WebAssembly.Global constructor, if no value is specified a typed 0 value is used. This is specified by the DefaultValue algorithm.
  • A number of changes related to the Fullscreen API have been implemented: The API has been unprefixed, the Element.requestFullscreen() and Document.exitFullscreen() methods both now return a Promise, which is resolved when the mode change is complete, previously, fullscreenchange and fullscreenerror events were dispatched to the Document first, then the Element. This has been reversed so that the element gets the event first. This matches the latest specification as well as the behavior of Google Chrome.
  • The WebVR API is now re-enabled in macOS.
  • Window.screenLeft and Window.screenTop have been implemented, as aliases of Window.screenX and Window.screenY.
  • The XMLHttpRequest.getAllResponseHeaders() method now returns header names all in lowercase, as per spec.
  • The legacy HTMLAllCollection interface has been updated as per recent spec updates.
  • Navigator.buildID now returns a fixed timestamp as a privacy measure.
  • The following Document.execCommand() UI feature commands have been disabled by default : enableObjectResizing, enableInlineTableEditing, enableAbsolutePositionEditor.
  • The ServiceWorkerContainer.startMessages() method has been implemented.
  • The PannerNode.refDistance, PannerNode.maxDistance, PannerNode.rolloffFactor, and PannerNode.coneOuterGain properties now correctly throw exceptions when set to values outside their accepted ranges.
  • RTCRtpEncodingParameters settings changed via RTCRtpSender.setParameters() used to not update if the changes were made during a call. They will now update live, without renegotiation.
  • RTCIceCandidateStats.relayProtocol has been implemented - this is the standardized version of RTCIceCandidateStats.mozLocalTransport, which has now been deprecated.
  • Automatic Gain Control (AGC) is now enabled by default; this can be changed using the preference media.getusermedia.agc_enabled.
  • The Window.event property, added in Firefox 63 to aid with web compat issues, has been put behind a pref (dom.window.event.enabled) and disabled by default in release versions for now due to other issues that have been uncovered. Note that this was actually done late in the Firefox 63 release cycle, but we are mentioning it here just in case.
  • The LocalMediaStream interface and its stop() method have been removed to learn how to stop an entire stream.
  • The AudioStreamTrack and VideoStreamTrack interfaces have been removed, as both have been deprecated for some time. Their functionality has been merged into MediaStreamTrack; tracks are now identified by the value of their kind property, such as audio or video.
  • The Symantec CA Distrust plan has been implemented.
  • Referrer-Policy can now be used to govern resources fetched via stylesheets - see Integration with CSS in Referrer-Policy for more information.
  • Deprecated command end-points without the Marionette:, L10n:, or Addon: prefix (including singeTap) have been removed.
  • Synthesized Shift key events by using WebDriver:PerformActions didn't result in capitalized letters.
  • WebDriver:Navigate could cause an infinite hang if the tab's underlying content process is changed multiple times during that navigation.
  • To improve the performance, and to reduce the memory footprint of Firefox the default page to be loaded for a new tab or window is no longer about:newtab but about:blank.
  • The content blocking introduction panel, which was shown on various web pages and caused element interactions to fail is disabled by default now.
  • A new API, browser.menus.overrideContext(), can be called from the contextmenu DOM event to set a custom context menu in extension pages. This API allows extensions to hide all default Firefox menu items in favor of providing a custom context menu UI. This context menu can consist of multiple top-level menu items from the extension, and may optionally include tab or bookmark context menu items from other extensions. See this blog post for more details. browser.menus.overrideContext() was implemented in.
  • The showDefaults: false option, which can be used to hide the default context menu options, was implemented in.
  • documentURLPatterns can now be used to match a moz-extension:// document URL, even if browser.menus.overrideContext() is used. This way, it can reliably be used to restrict custom menu items to certain documents.
  • You can now restrict where context menus can appear in an add-on using the new viewTypes property in menus.create() and menus.update().
  • menus.update() can now be used to update the icon of an existing menu item.
  • Extensions can now detect which mouse button was used when a menu item was clicked - this can be found using the new button property of menus.OnClickData.
  • The windows.create() method now has a new option available - cookieStoreId - which specifies the CookieStoreId to use for all tabs that were created when the window is opened.
  • The privacy.websites cookieConfig property is an object that can accept a behavior property - this property can now take a new value, reject_trackers, which instructs the extension to reject tracking cookies.
  • The devtools.panels.elements Sidebar.setPage() method is now supported.
  • The new pinned property of the page_action manifest key enables extensionsto control whether their page actions should be pinned to the location bar on install or not.
  • In native manifests on Windows, the 32-bit registry view (Wow6432Node) will be checked first for registry keys, followed by the "native" registry view; you should use whichever is appropriate for your application.
  • The chrome_settings_overrides field's search_provider object can now include new properties - suggest_url and suggest_url_post_params , and search_url_post_params.

Security issues fixed in Firefox 64

  • CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module.
  • CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11.
  • CVE-2018-18492: Use-after-free with select element.
  • CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia.
  • CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs.
  • CVE-2018-18495: WebExtension content scripts can be loaded in about: pages.
  • CVE-2018-18496: Embedded feed preview page can be abused for clickjacking.
  • CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators.
  • CVE-2018-18498: Integer overflow when calculating buffer sizes for images.
  • CVE-2018-18510: Web content can link to internal about:crashcontent and about:crashparent pages.
  • CVE-2018-12405,12406: Memory safety bugs fixed in Firefox 64.

Have fun cross-browser testing in Firefox 64!