Firefox 79 Is Ready To Ship With Safeguard On "_blank" Links, More Wayland VA-API Work
Firefox 79.0 isn't scheduled to be formally announced until Tuesday but the release binaries have now hit Mozilla's FTP servers.
Firefox 79 isn't a particularly exciting release with few end-user alterations but some developer additions. The developer docs note a number of WebAssembly items now shipping including support for bulk memory operations, reference types, and threads with shared memory and atomics. Plus there are the usual assortment of additions to JavaScript APIs and CSS. Older versions of macOS have also been dropped from Firefox 79.
One of the most notable changes worth mentioning for Firefox 79 is on the security front and that is "_blank" links will now implicitly provide the same behavior as also adding rel="noopener". The rel="noopener" is a security improvement and with being implicitly set for all "_blank" links will ensure the DOM on the original page cannot be manipulated by the linked website should it be malicious. Without this attribute, it's possible for the linked website to use JavaScript to take control of the referring window.
Having this behavior the default for "_blank" links has been on the Mozilla agenda now for two years. It's good to see this sane security default finally in place.
An important change with Firefox 79 for Linux users on Wayland is that DMA-BUF video textures are now used when the Video Acceleration API (VA-API) is enabled.
Those wanting to grab Firefox 79 ahead of the official announcement can find the binaries on Mozilla.org.
Firefox 79 isn't a particularly exciting release with few end-user alterations but some developer additions. The developer docs note a number of WebAssembly items now shipping including support for bulk memory operations, reference types, and threads with shared memory and atomics. Plus there are the usual assortment of additions to JavaScript APIs and CSS. Older versions of macOS have also been dropped from Firefox 79.
One of the most notable changes worth mentioning for Firefox 79 is on the security front and that is "_blank" links will now implicitly provide the same behavior as also adding rel="noopener". The rel="noopener" is a security improvement and with being implicitly set for all "_blank" links will ensure the DOM on the original page cannot be manipulated by the linked website should it be malicious. Without this attribute, it's possible for the linked website to use JavaScript to take control of the referring window.
Having this behavior the default for "_blank" links has been on the Mozilla agenda now for two years. It's good to see this sane security default finally in place.
An important change with Firefox 79 for Linux users on Wayland is that DMA-BUF video textures are now used when the Video Acceleration API (VA-API) is enabled.
Those wanting to grab Firefox 79 ahead of the official announcement can find the binaries on Mozilla.org.
38 Comments