This article is more than 1 year old

Firefox 79: A thin release for regular users, but plenty for developers to devour

Reverse tabnapping is no more

Mozilla's Firefox 79 is here, but general users shouldn't get too excited – almost all the new features are aimed at developers.

The snag with a four-week release cycle is that coming up with notable new features at such a rapid pace is a challenge, and perhaps not even desirable, since stability and familiarity are also welcome attributes.

The release notes for Firefox 79 are short: more users are getting WebRender, which uses the GPU to accelerate and smooth page rendering. Specifically, Windows 10 users with AMD GPUs will now get WebRender even when running on battery. Mac and Linux users are still waiting, unless they care to use a pre-release build. There are still "bugs that block shipping" WebRender on Mac.

There is also a security fix. Many web pages use target="_blank" on links so the reader stays on the original page while a clicked link opens in another tab or window. An issue with this approach is that the linked page gets access to the source page via the window.opener property, exposing the user to reverse tabnapping. The fix is to add rel=noopener to the link, which sets the window.opener property to null. Firefox 79 will now do this automatically. In the case where this link is required for legitimate reasons, it can be explicitly enabled.

How reverse tabnapping works (pic: OWASP)

How reverse tabnapping works (pic: OWASP)

Aside from not being hacked, users may also notice a performance improvement thanks to the return of shared memory, allowing fast communication between threads. This was disabled in 2018 because of Spectre and other processor bugs that make this dangerous. It can now be re-enabled but only for web pages with special headers set that are in the same tab, including any popups.

Not the biggest release, but good work, especially for those who would otherwise be tabnapped.

Developers will find more to play with. Promise.any() lets you write code that fires multiple promises and fulfils the first one that resolves. It is described as experimental. It looks similar to the existing Promise.race, but the difference is that with Promise.race, if the first promise to return is a rejection, the promise rejects, even if one of the other promises resolves. Promise.any looks more useful.

Lovers of exotic operators will enjoy this one too. Firefox 79 implements the logical assignment proposal including ??=, which assigns only if the left-hand side is null or undefined ("nullish").

There is more: weak references (referring to a target object without preventing it from being removed from memory by garbage collection), though the notes say "avoid if possible"; new WebAssembly operations including WebAssembly threads if shared memory is enabled; and a tab.warmup() function to improve performance where the user is about to open a new tab.

The debugging tools are also enhanced, with async stack traces, allowing easier debugging of promises and other asynchronous code, and the appearance of network request errors in the debugging console – previously these only appeared in the Network panel in the debugging tools. The debugger is improved with errors highlighted in the source code complete with explanation, and the ability to Restart Frame – which means returning to the top of the current frame in the call stack. "Time travelling within the current call stack," stated the notes, except that variables are not reset to their original values. ®

More about

More about

More about

TIP US OFF

Send us news


Other stories you might like