Firefox 59 for developers
This article provides information about the changes in Firefox 59 that will affect developers. Firefox 59 was released on March 13, 2018.
Changes for web developers
Developer tools
- The Network Monitor Response tab now shows a preview of the rendered HTML — if the response is HTML (Firefox bug 1353319).
- Cookie information shown in the Storage Inspector (see Cookies) now includes a sameSite column showing what the same-site status of each cookie is (Firefox bug 1298370).
- The Rulers tool now includes a readout showing the current dimensions of the viewport (Firefox bug 1402633).
- In Responsive Design Mode, you can now set the screen dimensions using the cursor keys (Firefox bug 1421663). See the Setting screen size section for more details.
- The Raw headers display in the Network Monitor Headers tab now includes the response's status code (Firefox bug 1419401).
HTML
- The
<textarea>
element'sautocomplete
attribute has been implemented. This lets you enable or disable form auto-fill for the element.
CSS
- The
overscroll-behavior
property and its associated longhand properties —overscroll-behavior-x
andoverscroll-behavior-y
— have been implemented (Firefox bug 951793), and it has been enabled by default on all releases (Firefox bug 1428879). - The behavior of "unusual elements" (elements that aren't rendered purely by CSS box concepts such as replaced elements) when given a
display
value ofcontents
has been updated as per spec (Firefox bug 1427292). See Appendix B: Effects of display: contents on Unusual Elements for exactly what the specified behaviors are. position
sticky
is now supported on appropriate HTML table parts (e.g.<th>
elements) (Firefox bug 975644).calc()
is now supported in<color>
values —rgb()
,rgba()
,hsl()
, andhsla()
(Firefox bug 984021).calc()
in media query values is now supported Firefox bug 1396057.- The
@document
at-rule has been limited to use only in user and UA sheets (Firefox bug 1035091). - Implement the
font-optical-sizing
property (Firefox bug 1435692).
SVG
No changes.
JavaScript
No changes.
APIs
New APIs
PointerEvents
have been enabled in Firefox Desktop (Firefox bug 1411467).
DOM
- The
EventTarget()
constructor has been implemented (Firefox bug 1379688). - The
Response()
constructor can now accept anull
value for itsbody
parameter, as per spec (Firefox bug 1303025).
DOM events
- The
Event.composedPath()
method has been implemented (Firefox bug 1412775).
Service workers
- The service worker Clients API can now find and communicate with windows in a separate browser process (Firefox bug 1293277) .
- Nested about:blank and about:srcdoc iframes will now inherit their parent's controlling service worker. Fixed in (Firefox bug 1293277) and (Firefox bug 1426979).
- When a service worker provides a
Response
toFetchEvent.respondWith()
, theResponse.url
value will now be propagated to the intercepted network request as the final resolved URL. In the past theFetchEvent.request.url
was used for this instead. This means, for example, if a service worker intercepts a stylesheet or worker script, then the providedResponse.url
will be used to resolve any relative@import
orimportScripts()
subresource loads (Firefox bug 1222008). FetchEvent.respondWith()
will now trigger a network error if theFetchEvent.request.mode
is"same-origin"
and the providedResponse.type
is"cors"
. (Firefox bug 1222008)
Media and WebRTC
- The
MediaStreamTrack
propertyMediaStreamTrack.muted
, along with the eventsmute
andunmute
and the corresponding event handlers,onmute
andonunmute
, have been implemented. A track'smuted
state indicates that the track is not currently able to provide media data.Note: The
muted
state of a track isn't useful for what's typically thought of as muting and unmuting a track. Instead, use theenabled
property; settingenabled
tofalse
causes the track to output only empty frames. - Firefox 59 on Android now supports Apple's HTTPS Live Streaming (HLS) protocol for both audio and video. This non-standard protocol is being supported on mobile to improve compatibility with sites that require it for mobile streaming. There is not currently any plan to implement it on Firefox Desktop.
- The
RTCRtpReceiver
methodsgetContributingSources()
andgetSynchronizationSources()
have been implemented to provide information about the sources of each RTP stream. However, a specification change occurred before release and we have disabled these by default behind the preferencemedia.peerconnection.rtpsourcesapi.enable
(Firefox bug 1363667, Firefox bug 1430213, and Firefox bug 1433236. - The
RTCRtpTransceiver
interface has now been implemented, since the Firefox implementation of WebRTC now supports transceivers, withRTCPeerConnection
and other interfaces updated to use them per the latest specification. - The
RTCPeerConnection.addTransceiver()
method has been added. In addition, the behavior ofaddTrack()
has been updated to create a transceiver as required. - Support for WebVTT regions was implemented in Firefox 58 but disabled by default. They're now available by default (Firefox bug 1415805).
- Firefox now supports WebVTT
REGION
definition blocks whose settings list has one setting per line instead of all of the settings being on the same line of the WebVTT file (Firefox bug 1415821.
Canvas and WebGL
No changes.
CSSOM
The CSSNamespaceRule
interface and its namespaceURL
and prefix
properties have been implemented (Firefox bug 1326514).
HTTP
No changes.
Security
- Top-level navigation to
data:
URLs has been blocked Firefox bug 1401895. See Blocking Top-Level Navigations to data URLs for Firefox 59 for more details. - The
SAMEORIGIN
directive of theX-Frame-Options
header has been changed so that it checks not only the top-level IFrame is in the same origin, but all its ancestors as well (Firefox bug 725490). - Image resources loaded from different origins to the current document are no longer able to trigger HTTP authentication dialogs (Firefox bug 1423146).
- HTTP authentication now uses
utf-8
encoding for usernames and passwords (rather thanISO-8859-1
) for parity with other browsers, and to avoid potential problems as described in Firefox bug 1419658. - Everyday the HSTS preload list is updated from Google. Normally this doesn't warrant a note, but in this release new TLDs were included, notably
.app
and.dev
. While they are new TLDs developers might have used them for local development and be surprised by this change. Note that reserved TLDs should be used for local development instead.
Plugins
No changes.
Other
No changes.
Removals from the web platform
HTML
The non-standard version
parameter of the <script>
element's type
attribute (e.g. type="application/javascript;version=1.8"
) has been removed (Firefox bug 1428745).
CSS
- The proprietary
mozmm
<length>
unit has been removed (Firefox bug 1416564). - The proprietary
-moz-border-top-colors
,-moz-border-right-colors
,-moz-border-bottom-colors
, and-moz-border-left-colors
properties have been limited to usage in chrome code only (Firefox bug 1417200).
JavaScript
- Non-standard conditional catch clauses have been removed (Firefox bug 1228841).
APIs
- The non-standard method
Event.getPreventDefault()
has been removed. You should instead use theEvent.defaultPrevented
property to determine whether or notpreventDefault()
was called on theEvent
. - The proprietary
Navigator.mozNotification
property andDesktopNotification
interface have been removed, in favor of the standard Notifications API (Firefox bug 952453). - The proprietary
window.external.addSearchEngine()
method has been removed (Firefox bug 862147). Also seeWindow.sidebar
for more details. - The non-standard Firefox-only
HTMLMediaElement
propertymozAutoplayEnabled
has been removed.
SVG
Support for SMIL's accessKey
feature has been removed (Firefox bug 1423098).
Other
Support for the non-standard pcast:
and feed:
protocols has been removed from Firefox (Firefox bug 1420622).
Changes for add-on and Mozilla developers
WebExtensions
- Theme updates:
- new properties:
colors.background_tab_text
,colors.toolbar_field_border
- all color properties now support both Chrome-style arrays and CSS color values.
- new properties:
- New browser settings:
- New
tabs
APIs: - The
contextMenus
API now supports a "bookmark" context. - New
contentScripts
API enables runtime registration of content scripts. - New
pageAction
,browserAction
,SidebarAction
APIs:browserAction/pageAction/sidebarAction.set*
functions now acceptnull
to undo changes.browserAction.isEnabled()
,pageAction.isShown()
,sidebarAction.isOpen()
functions.
- New option in
page_action
to show page actions by default. - New values for
protocol_handlers
:- "ssb" for Secure Scuttlebutt communications
- "dat" for DATproject
- "ipfs", "ipns", "dweb" for IPFS
- New
privacy.websites
setting "cookieConfig". - Support in
cookies
API for first-party isolation. - New option
upgradeToSecure
inwebRequest
.
Older versions
- Firefox 58 for developers
- Firefox 57 for developers
- Firefox 56 for developers
- Firefox 55 for developers
- Firefox 54 for developers
- Firefox 53 for developers
- Firefox 52 for developers
- Firefox 51 for developers
- Firefox 50 for developers
- Firefox 49 for developers
- Firefox 48 for developers
- Firefox 47 for developers
- Firefox 46 for developers
- Firefox 45 for developers
- Firefox 44 for developers
- Firefox 43 for developers
- Firefox 42 for developers
- Firefox 41 for developers
- Firefox 40 for developers
- Firefox 39 for developers
- Firefox 38 for developers
- Firefox 37 for developers
- Firefox 36 for developers
- Firefox 35 for developers
- Firefox 34 for developers
- Firefox 33 for developers
- Firefox 32 for developers
- Firefox 31 for developers
- Firefox 30 for developers
- Firefox 29 for developers
- Firefox 28 for developers