Firefox 43 Released! - Cross-browser Testing Blog

Today Firefox 43 was released by Mozilla. We just deployed it to our browser cloud and it's now available to all users. You can now cross-browser test your websites in Firefox 52!

Try Firefox 43 in Browserling now!

What's new in Firefox 43?

On-screen keyboard displayed on selecting input field on devices running Windows 8 or greater.
Improved API support for m4v video playback.
Users can choose search suggestions from the Awesome Bar.
Private Browsing with Tracking Protection offers choice of blocking additional trackers.
Firefox Health Report has switched to use the same data collection mechanism as telemetry.
Firefox 64-bit for Windows is now available via the Firefox download page.

What was fixed in Firefox 43?

Eyedropper tool didn't work as expected when page was zoomed.
Various security fixes.

What security issues were fixed in Firefox 43?

Crash with JavaScript variable assignment with unboxed objects.
Cross-origin information leak through web workers error events.
Buffer overflows found through code inspection.
Integer overflow in MP4 playback in 64-bit versions.
Cross-site reading attack through data and view-source URIs.
DOS due to malformed frames in HTTP/2.
Same-origin policy violation using performance.getEntries and history navigation.
Miscellaneous memory safety hazards.
Privilege escalation vulnerabilities in WebExtension APIs.
Integer underflow and buffer overflow processing MP4 metadata in libstagefright.
Underflow through code inspection.
Integer overflow allocating extremely large textures.
Hash in data URI is incorrectly parsed.
Use-after-free in WebRTC when datachannel is used after being destroyed.
Firefox allows for control characters to be set in cookies.
Linux file chooser crashes on malformed images due to flaws in Jasper library.
Access to Web Storage (i.e. localStorage and sessionStorage) from third-party IFrames is now denied if the user has disabled third-party cookies.
This whitelist has even been removed in Nightly and Aurora/Dev Edition of the browser. It is currently scheduled that this removal will also happen for Beta and Release versions for the next version (Firefox 44).
Subresource integrity has been implemented for <script> and <link> that links to stylesheets.

What's new for developers in Firefox 43?

WebIDE now has a sidebar-based UI.
Unprefixed 'hyphens' property is now supported.
Subresource integrity allows developers to make their sites more secure.
Added ability to display server-side logs in the console.
Stack traces are now shown for exceptions inside the console.
Ability to filter styles from their property names in the rules view.
Search button next to overridden CSS properties to find similar properties in the rules view.
New 'Use in Console' context menu item in Inspector to store selected element in a temporary variable.
Bind F1 key to open the settings when the toolbox is focused.
Markup view shows indicators for pseudo-classes locked for elements.
Network requests in Console now link to Network panel instead of opening in a popup.
Single-process mode is no longer supported for NPAPI plugins.
Animation inspector now displays animations in a timeline.
The 'transform-origin' property is now supported on SVG elements.

HTML, CSS and JavaScript Fixes and Updates in Firefox 43

Support for the standard, unprefixed version of hyphens has been landed.
The shorthand property font has been updated to accept font-stretch values.
To match a latest evolution of the specification, the :fullscreen pseudo-class now selects the whole stack of elements in full screen, and not only the top-level one.
The deprecated SVG values for the writing-mode, lr, lr-tb, rl, tb, and tb-rl, have been added in CSS as aliases to standard properties
For <img> with ICO image containing multiple frames, the intrinsic dimension of the image is set to the one of the largest frame, and no more of the smallest frame.
The value of the document's viewport (defined with <meta name="viewport>)can now dynamically be changed via JavaScript.
The new ES2016 methods Array.prototype.includes() and TypedArray.prototype.includes() are now enabled by default.
To match the ES2015 specification, arrow functions no longer have their own arguments object. The arguments object is now lexically bound (inherited from the outer function).
The arguments object is now allowed in conjunction with rest parameters.
From now on, a mapped arguments object in non-strict functions is only provided if the function does not contain any rest parameters, any default parameters or any destructured parameters.
Generators and generator methods are no longer constructable as per ES2016.

IndexDB, Service Workers, WebRTC Updates in Firefox 43

A new feature called locale-aware sorting has been added to IndexedDB that allows creating indexes with a locale specified, which can then be used to sort data according to the rules of that locale. This is a non-standard Firefox-specific feature.
As per the specification, if ExtendableEvent.waitUntil() is called outside of the ExtendableEvent handler, Firefox will now throw an InvalidStateError; in addition, multiple calls to waitUntil() will now stack up, and the resulting promises will be added to the list of extend lifetime promises.
PushMessageData methods have been implemented.
The HTMLCanvasElement.captureStream() method has been activated by default.
The non-standard constraint style option list for RTCOfferOptions has been deprecated and will be removed entirely in Firefox 44.

Misc Updates in Firefox 43

Under Linux, like under Windows, Event.timeStamp now returns a DOMHighResTimeStamp.
Support for MouseEvent.offsetX and MouseEvent.offsetY have been activated on Firefox for Android and Firefox OS.
The Battery Status API now uses the new promise syntax for Navigator.getBattery(), as specified in the recent evolution of the specificiation.
Under Linux, like under Windows, Event.timeStamp now returns a DOMHighResTimeStamp.
The HTMLCanvasElement.mozFetchAsStream() method has been removed.

Happy cross-browser testing in Firefox 43!