Firefox 47 has been released on June 7th, 2016 to the stable channel. Firefox users can upgrade to the new version using the update functionality of the browser, or by downloading Firefox 47 from the Mozilla website.
All Firefox channels that Mozilla maintains are updated on the same schedule which means that Firefox ESR, Beta, Developer and Nightly editions are also updated today.
Firefox Stable is updated to version 47.0, Firefox Beta to 48.0, Firefox Developer Edition to 49.0, and Firefox Nightly to 50.0.
Additionally, Firefox ESR is updated to 45.2, and the previous major release, 38.8 is no longer supported.
- Firefox Extension signing enforcement on Stable and Beta releases has been pushed back another version. Mozilla aims to remove the override switch in Firefox 48 now. The reason given is that there are not unbranded Stable and Beta releases available right now that add-on developers need for testing their add-ons.
- Firefox ESR 38.x is no longer supported.
- Firefox 47 gets support for Google Widevine CDM (Content Decryption Module).
- about:performance and about:debugging are two new internal pages.
Firefox 47 download and update
Most Firefox Stable users will probably update to the new version using the browser's update mechanics.
Note: The review of Firefox 47.0 has been published on June 7th, 2016. Firefox may not pick up the update immediately on that day depending on when it is officially made available by Mozilla.
To check for updates, tap on the Alt-key on the keyboard when Firefox is focused, and select Help > About Firefox.
This displays the current version and runs a check for updates on top of that. If the update is found, it is either downloaded and installed automatically, or options to do so are displayed to you on that screen.
You may download all editions of Firefox using the links below instead.
- Firefox Stable download
- Firefox Beta download
- Firefox Developer download
- Nightly download
- Firefox ESR download
Firefox 47 Changes
Click-to-activate whitelist removed
Mozilla changed how plugins work in Firefox in 2014 by changing their default state from running on sites requesting them automatically to requiring user activation for that.
Mozilla made available a whitelist for plugin owners which had the effect that these plugins were not set to click-to-play in Firefox.
Inclusion on the whitelist required that the company put a plan in motion to move away from NPAPI, for instance by utilizing HTML5 in the future for functionality.
Starting in Firefox 47, that whitelist is removed. Mozilla notes that Adobe Flash is the only plugin left that will retain whitelist status while the activation status of all other plugins that were whitelisted previously are changed to click-to-play.
User-agent spoofing in Developer Tools
You can set a custom user agent in the Responsive Mode of Firefox's Developer Tools as of Firefox 47.
- To use the feature, tape on F12 to bring up the Developer Tools screen.
- Select the responsive mode option by clicking on the icon in the menu bar (it is on the left of the cogwheel icon).
- There you find the option to enter a custom user agent that is then used to connect to the site.
An add-on like User-Agent Switcher offers better functionality though.
Support for Google Widevine CDM
Mozilla added support for Google Widevine CDM in Firefox 47. This is the second CDM that is being made available for Firefox, the first was Adobe's Primetime CDM which was made available in 2015.
These Content Decryption Modules are required to play copy-protected content in Firefox without plugins.
Google Widevine CDM is being made available for Windows Vista and higher, and Mac OS X. It will be downloaded automatically to Firefox, but activated on the first interaction with sites requiring Widevine.
Widevine is an alternative for Silverlight, which means that Firefox users can now watch Amazon Prime videos without having Silverlight or Flash installed.
For now, it works only with mp4 streams and not webm streams.
Load about:performance in Firefox's address bar to receive performance information of installed add-ons and open web pages.
It displays whether the add-on or web page is performing well or potentially slowing down Firefox. Also, it lists actions to disable or uninstall add-ons, or close or reload web pages.
- Embedded YouTube videos that use older code that relies solely on Flash can be played in Firefox even if Flash is not installed as the code is modified automatically to support HTML5 video.
- FUEL (Firefox User Extension Library) has been removed.
- Enable VP9 video codec for users with fast machines.
- Allow no-cache on back/forward navigations for https resources. See bug 567365 for additional information.
- The preference browser.sessionstore.restore_on_demand has been reset to default (TRUE) which means that Firefox will only load one tab on startup and on demand. You can change the preference's value back to FALSE to restore the previous behavior.
- Web page links to view-source URLS are blocked by Firefox due to the feature causing security issues in the past and being only useful to browser developers.
- View, start, and debug registered Service Workers. You need to enable worker debugging in the Developer Tools preferences first.
- about:debugging dashboard for Service workers. You can load it directly using this url: about:debugging#workers
- RSA-PSS signature support, and PBKDF2 supports SHA-2 hash algorithms.
- Added support for ChaCha20/Poly1305 cipher suites.
- Font Inspector is disabled by default.
- 3D View has been removed.
- Console detects incomplete input now and switches to multi-line mode automatically.
Firefox for Android
Block the loading of web fonts
Firefox 47 for Android ships with a new preference that enables you to block the loading of web fonts to reduce bandwidth and data use.
Web fonts are loaded by default, but you can disable that in the options. Here is how that is done:
- Select the menu icon and there Settings.
- Select Advanced Settings when the preferences screen opens.
- Locate the "show web fonts" preference, and flip it to off.
Other Firefox 46 for Android changes
- Firefox 47 is the last to support Android 2.3.x devices.
- Removed support for Android web runtime WebRT.
- Favicons are removed from the address bar to prevent HTTPS spoofing
- Open multiple links renamed to Tab Queue.
Security updates / fixes
Mozilla releases information about security updates and fixes after the release. These will be added once they are made available.
MFSA 2016-61 Network Security Services (NSS) vulnerabilities
MFSA 2016-60 Java applets bypass CSP protections
MFSA 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes
MFSA 2016-58 Entering fullscreen and persistent pointerlock without user permission
MFSA 2016-57 Incorrect icon displayed on permissions notifications
MFSA 2016-56 Use-after-free when textures are used in WebGL operations after recycle pool destruction
MFSA 2016-55 File overwrite and privilege escalation through Mozilla Windows updater
MFSA 2016-54 Partial same-origin-policy through setting location.host through data URI
MFSA 2016-53 Out-of-bounds write with WebGL shader
MFSA 2016-52 Addressbar spoofing though the SELECT element
MFSA 2016-51 Use-after-free deleting tables from a contenteditable document
MFSA 2016-50 Buffer overflow parsing HTML5 fragments
MFSA 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
Firefox 47.0.1 was released on June 28, 2016. It is a bug fix release that fixes an issue with Selenium WebDriver which may cause the browser to crash on start.