AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() ![]() CVE-2016-9895: CSP bypass using marquee tag.CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements.CVE-2016-9894: Buffer overflow in SkiaGL.It is a planned security release that fixes security issues. CVE-2016-9079: Use-after-free in SVG Animationįirefox 50.1.0 was released on December 13, 2016.This version fixes a reported 0-day security vulnerability in Firefox. Only days after Firefox 50.0.1, Firefox 50.0.2 has been released. CVE-2016-9078: data: URL can inherit wrong origin after an HTTP redirectįirefox 50.0.1 fixes a crash with third-party Chinese IME when using IME text.The version fixes a security issue affecting Firefox 49 and 50 Mozilla released Firefox 50.0.1 to the stable channel on November 28, 2016. Three of those vulnerabilities have received the rating of critical. Mozilla fixed 22 security vulnerabilities in Firefox 50. We will add those when they become available. Security updates are published some time after the Firefox release. Support for HLS videos via player overlay added.The user interface was simplified by combining the Recent Tabs and History page.Set of File and Directory Entries API elements have been added to improve site compatibility. ![]() Support for dragging and dropping multiple items via HTML5 added (ems).Ping attribute of a elements abides by connect-src CSP 1.1 policy directive.Content Security Policy can be set for workers.Support for sandbox CSP directive has been added.Referrer-Policy header has been implemented.Cookie prefixes _Host and _Secure are implemented.The Storage Inspector of the Developer Tools lets you delete individual items from IndexedDB object stores now.No major developer changes this time around: Built-in set of Emoji added on systems without native support (Windows 8.0 and lower, and Linux).New preference under General about:preferences#general to cycle through tabs in recently used order when using Ctrl-Tab.Improved WebGL availability to more than 98% on Windows 7 and newer.This works only on pages were Reader Mode is available for. New keyboard shortcut to load a page in Reader mode using Ctrl-Alt-R (on Mac Command-Alt-R).Firefox 50 ships with Lets Encrypt root certificate.A click on the icon highlights mixed content however. Mixed content sites are shown with a green lock in the address bar instead of a green lock with an exclamation mark.Firefox 50 ships with a new system add-on called Application Update Service Helper.The multi-process architecture rollout is still on going.Firefox detects if Family Safety is active on Windows 8 or newer versions of Windows.Tor browser security and privacy improvements integrated in Firefox.Firefox highlights sites that use the camera with a new camera symbol in the tab bar.Firefox 50 highlights special permissions with a dot next to the i-icon in the address bar.Download protection for a large number of executable file types.Playback video improved for sites without plugins with WebM EME support for Widevine on Windows and Mac.So, if you search for fire, all instances of the word on the page are highlighted while Firefox, firetruck or fireball are not. When done, only full word matches are returned. The new feature comes in form of a checkbox that you can enable for searches. You can use the shortcut Ctrl-F to trigger the functionality. ![]() A quick test by Mozilla revealed that startup performance improved by 35% on systems without add-ons installed, and more on systems with add-ons installed.įirefox's Find in page functionality is handy as it enables you to search for content on a page quickly. Mileage varies and depends on the add-ons that are installed. Only this much: Mozilla noticed better startup performance. We have talked about this in detail back when the announcement was made, and I suggest you check out the article for details. The main reason why the Firefox 50 release got delayed: Mozilla identified issues in Firefox code in regards to how Firefox and its add-on SDK handle JavaScript loads. ![]()
0 Comments
Read More
Leave a Reply. |