Great news! Firefox 48 was released today. We just installed it in our browser testing cloud and it's available for cross-browser testing.
Try Firefox 48 in Browserling now!
Firefox 48 enhances download protection and removes of Windows Remote Access Service modem Autodial. Apple support is exclusively for OSX Mavericks up to macOS Sierra. Support for old processors without SSE2 extensions such as the AMD Athlon XP and Pentium III was dropped.
What's new in Firefox 48?
- GNU/Linux fans: Get better Canvas performance with speedy Skia support. Try saying that three times fast.
- Added smart bookmark icons that make searching for something already in your bookmarks or open tabs easier.
- Windows improvement - Tab (move buttons) and Shift+F10 (pop-up menus) now behave as they should in Firefox customization mode.
- More protection against harmful downloads.
- The media parser has been redeveloped using the Rust programming language.
- Process separation (e10s) is enabled for some of you.
- WebRTC embetterments: Delay-agnostic AEC enabled. Full duplex for GNU/Linux enabled. ICE Restart and Update is supported. Cloning of MediaStream and MediaStreamTrack is now supported.
- Windows 7 systems without Platform Update can now use D3D11 WARP.
- Add-ons that have not been verified and signed by Mozilla will not load.
What changed in Firefox 48?
- Removed Firefox Hello.
- After version 48, SSE2 CPU extensions are going to be required on Windows.
- Starting with the Firefox version 49 release, so long to support for 10.6, 10.7 and 10.8. Now we can focus on where most Mac users are: 10.9. Don't forget to upgrade!
- Au revoir to Windows Remote Access Service modem Autodial.
What changed in Firefox 48 developer tools?
- You can debug WebExtensions background content scripts and background pages.
- Content Security Policy (CSP) is now enforced for WebExtensions.
- Want to move absolute & fixed positioned elements? Now you can with geometry editor.
- Workers can now use the Web Crypto API.
- WebExtensions support is now considered as stable.
- Removed Error Console. Added Browser Console for your debugging pleasure.
- The memory tool now has a tree map view for your debugging pleasure.
- Expand network requests from the console panel to view request details in line, so you can see things in context.
- New Firebug theme for Developer Tools
- Add-on development just got easier because you can reload them from about:debugging - because we're all about debugging.
- The position of elements can now be changed within the content.
- Added a Firebug theme.
- Added the DOM Inspector.
- Font inspector has been enabled by default again.
- Cookies, localstorage and sessionstorage entries are editable via double-click.
- The <details> and <summary> elements have been activated by default on Nightly and Aurora (DevTools), but not on Beta or Release.
- The calc() has been improved.
- Support for horizontal-in-vertical (tate-chu-yoko) text has been added via the all value of the text-combine-upright property.
- The String.prototype.padStart() and String.prototype.padEnd() methods have been implemented.
- Proxy API - Proxy.create and Proxy.createFunction() - has been removed.
- The String.prototype.contains() method has been removed.
- Dropped the "Moz" prefix from the CSSKeyframeRule and CSSKeyframesRule interfaces.
- Firefox now returns proper exceptions instead of numbers when things go wrong during a call to Navigator.registerProtocolHandler().
- The CanvasRenderingContext2D.ellipse() method has been implemented.
- The two methods MediaStream.clone() and MediaStreamTrack.clone() have been implemented.
- The Web Crypto API is now available in Web workers.
- Support for UTF-16 has been removed from TextEncoder.
- Support for the HTTP Upgrade-Insecure-Requests header has been added.
- The Social Worker API has been removed.
What was fixed in Firefox 48?
- Jabra & Logitech C920 webcam users now have a WebRTC fix that caused frequent distortions.
- Improved step debugging on last line of functions.
Security fixes, vulnerabilities and updates in Firefox 48
- Information disclosure through Resource Timing API during page navigation.
- Spoofing attack through text injection into internal error pages.
- Addressbar spoofing with right-to-left characters on Firefox for Android.
- Information disclosure and local file manipulation through drag and drop.
- Same-origin policy violation using local HTML file and saved shortcut file.
- Use-after-free when applying SVG effects.
- Type confusion in display transformation.
- Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback.
- Scripts on marquee tag can execute in sandboxed iframes.
- Integer overflow in WebSockets during data buffering.
- Form input type change from password to text can store plain text password in session restore file.
- Use-after-free in service workers with nested sync events.
- Use-after-free when using alt key and toplevel menus.
- Arbitrary file manipulation by local user through Mozilla updater and callback application path parameter.
- Out-of-bounds read during XML parsing in Expat library.
- Stack underflow during 2D graphics rendering.
- Location bar spoofing via data URLs with malformed/invalid mediatypes.
- Cairo rendering crash due to memory allocation issue with FFmpeg 0.10.
- Buffer overflow rendering SVG with bidirectional content.
- Favicon network connection can persist when page is closed.
- Miscellaneous memory safety hazards.
What wasn't solved in Firefox 48?
- On some websites using an important number of cookies, under certain conditions, this can cause the user to be logged out.
Happy cross-browser testing in Firefox 48!
Email this blog post to your friends or yourself!
Enter a URL to test, choose platform, browser and version, and you'll get a live interactive browser in 5 seconds!