Firefox 37: find out what is new
Mozilla will release new versions of the Firefox web browser for all supported channels later today.
This brings the stable version of the browser to version 37 while Beta, Aurora and Nightly versions are upgraded to 38, 39 and 40 respectively.
Firefox's Extended Support Release will be upgraded as well to version 31.6.
To find out which channel you are using type about:support in the web browser's address bar and check the version under application basics near the top of the page that opens up.
The guide below provides you with information about changes that went into Firefox 37.
Firefox 37 download and update
Firefox 37 is already available on Mozilla's public FTP server. It is usually not a good idea to download it from there directly as last minute changes may make a different build the release build.
While this does not happen often, it did happen in the past.
Probably the best way to upgrade is to run a manual update check in the browser. You do that by tapping on the Alt-key on your keyboard and selecting Help > About Firefox from the menu bar at the top that is displayed when you do that.
Mozilla hosts all downloads and you can download them from the site as well to upgrade or install anew. Use the following links to do so (note: the recent updates may not be available yet).
Firefox 37 Changes
Firefox 37 does not introduce many new features in the browser that are visible to users.
Media Source Extensions (MSE) on YouTube
When you visit YouTube's HTML5 video player page you will notice that Firefox 37 supports Media Source Extension now on the site.
While you could force support previously by changing browser preferences on the about:config page of the browser, that is no longer necessary at least not for Media Source Extensions and MSE & H.264 which are both enabled by default now on the site.
Tip: To enable MSE & WebM VP9 which is shown as not supported right now do the following:
- Load about:config in the browser's address bar.
- Confirm you will be careful if the warning appears.
- Search for media.mediasource.webm.enabled
- Double-click on it to toggle its value (to true).
Reload YouTube's HMTL5 check page and you should see that the last option is supported as well now on the site.
This feature is limited to YouTube by default. To change that modify the preference media.mediasource.youtubeonly and set its value to false using the method listed above.
You may run into issues on some sites if you enable that feature globally though. If you do, repeat the process to disable it again.
Heartbeat user rating system
Heartbeat adds a User Voice like system to Firefox allowing Mozilla to get user feedback directly from users of the browser.
I covered Heartbeat when it first appeared back in February and suggest you read the article that I wrote back then for additional information about it.
If you don't want to participate in Heartbeat at all, do the following to disable the feature in the browser:
- Open the about:config page again as outlined above.
- Search for browser.selfsupport.url.
- Double-click the parameter and set its value to blank.
To undo the change, right-click on the preference and select reset from the context menu.
Bunch of security improvements
Security improvements are usually not something that are visible to users. The following paragraph lists the improvements that went into Firefox 37.
- Bing Search uses HTTPS by default now.
- Disabled insecure TLS fallback.
- TLS False Start optimization requires a cipher suite using AEAD construction.
- Extended SSL error reporting to report non-certificate errors.
- Improved protection against site impersonation
- Support for local revoked intermediary certificates blocklist
- Added support for e-mail name constraints in certificates.
- Improved certificate and TLS communication security by removing support for DSA
- Opportunistically encrypt HTTP traffic if the server supports it.
Developer Changes
New Security panel in Network Monitor
The security panel lists security-related information about the selected entry in the network panel. This includes connection details such as the protocol version and cipher suite used but also certificate information and security features used by the connection.
New Animations panel in Page Inspector
If the selected element on a page is animated, Firefox displays the Animations panel which displays information about it and provides you with play and pause buttons to control it.
Other developer changes
- Debugger panel supports about:// and chrome:// URIs.
- Logging of weak ciphers in web console.
- WebSocket now available in Web Workers.
- IndexedDB now accessible from worker threads.
Firefox for Android
The majority of changes of the desktop version of Firefox were also implemented in the Android version. I suggest you check out the changelog if you are interested in those. Below is a selection of features unique to Firefox for Android.
Tablet interface updates
Tablet interface updates launched in Firefox 37 for Android. You will probably notice right away that tabs are on top now in the new interface.
Other changes include a redesigned tabs tray displaying all open tabs in the browser. You find additional information about the new interface on Medium.
Minor changes
- Support for sending videos to Matchstick devices.
- URL bar displays the url instead of the page title by default now.
Security updates / fixes
Security updates are released a short while after the Firefox 37 release. I'll add those once they become available publicly.
- MFSA 2015-42 Windows can retain access to privileged content on navigation to unprivileged pages
- MFSA 2015-41 PRNG weakness allows for DNS poisoning on Android
- MFSA 2015-40 Same-origin bypass through anchor navigation
- MFSA 2015-39 Use-after-free due to type confusion flaws
- MFSA 2015-38 Memory corruption crashes in Off Main Thread Compositing
- MFSA 2015-37 CORS requests should not follow 30x redirections after preflight
- MFSA 2015-36 Incorrect memory management for simple-type arrays in WebRTC
- MFSA 2015-35 Cursor clickjacking with flash and images
- MFSA 2015-34 Out of bounds read in QCMS library
- MFSA 2015-33 resource:// documents can load privileged pages
- MFSA 2015-32 Add-on lightweight theme installation approval bypassed through MITM attack
- MFSA 2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin
- MFSA 2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
Additional information / sources
- Firefox 37 release notes
- Firefox 37 Android release notes
- Add-on compatibility for Firefox 37
- Firefox 37 for developers
- Site compatibility for Firefox 37
- Firefox Security Advisories
Now Read: Firefox Release Schedule
Since I’ve rarely wanted to transfer more than one tab between browsers, I’m not inclined to install another extension just for that — especially one that (according to your description) closed all my tabs in the process. In the past I’ve just copied and pasted the URL, but (even for just one tab) that is a little tedious.
I just tried an interesting little experiment, with a useful result. (I did this on my Mac, but I’m guessing it would work on other platforms too.) I’m reading this article in Firefox, so I opened a new blank window in Chrome. At the top of both browser windows, at the far-left end of the URL bar, there’s a little icon of the letter “i” in a circle. (If you hover over it in Firefox, it says “Show site information”; in Chrome, hovering it says “View site information” — that’s the icon I’m talking about.)
I simply dragged the Firefox “i” icon from the top of this page, into the Chrome window — and this page loaded in Chrome! It worked! Then I tried something just a bit trickier, in the other direction — I first (from a bookmark) loaded into Chrome a page from my local web-development server (i.e. not online)… then dragged the “i” icon from the Chrome toolbar into this Firefox window — and it worked then too!
So, although I have no interest in the OneTab extension, I just learned something useful! I hope other people find this trick useful too. (Later I’ll try it in Safari — maybe it works in every browser?)
Interresting find Jonas, thanks for sharing!
Your comment doesn’t appear to be one of the real @Martin, because there is no black label rounding the entire title of the comment as before. :S
I also used onetab already and didn’t even know they had this feature. Thanks so much.
Exporting tabs to FF: “The address wasn’t understood. Firefox doesn’t know how to open this address, because one of the following protocols (chrome-extension) isn’t associated with any program or is not allowed in this context.”
Useless.
And the most important information was left out of the article or it don’t even exist in the first place: how to completely disable such functionality.
Your comment doesn’t make any sense at all. It’s an explicit user action to import data from other add-ons. If you don’t want it you just don’t do it.
This comment actually does make a lot of sense, and I am actually searching for this. Some people do NOT want websites to be (badly) translated, so they never use such a feature. The things is, every time I visit a non-english website this annoying menu pops up, and the button is another element in the URL bar cluster of useless unused features. I do not want to add all languages to a “do not translate” list, instead I want a “hide button” or “disable translations completely” setting.
This comment actually does make a lot of sense, and I am currently searching for this. Some people do NOT want websites to be (badly) translated, so they never use such a feature. The things is, every time I visit a non-english website this annoying menu pops up, and the button is another element in the URL bar cluster of useless unused features. I do not want to add all languages to a “do not translate” list, instead I want a “hide button” or “disable translations completely” setting.
my bad. somehow my, and I think DMoRiaM’s comment got mixed into the wrong article. Haha.
go to about:config and set browser.translations.automaticallyPopup to false.
Does this hack still work on FF 107 or whatever is most current?
Firefox 118 seems to be officially rolling this out by default: https://support.mozilla.org/en-US/kb/website-translation
Hoping Mozilla won’t remove the option altogether in the future as they already did for other, ahem, unwanted features… Why don’t they listen to their users instead?
@zed,
your reply seems to be Addlibs (according to your RSS reader),
Addlibs did not intend to comment on this article “OneTab browser extension”, but regarding Firefox’s new built-in fullpage translation “Firefox Translation”.
Firefox Fullpage Translation
https://support.mozilla.org/en-US/kb/website-translation
what the heck is going on with comments on this site lately?
first comment on THIS article was 9-2019.
Looks like the comments database is corrupted.
Besides old comments appearing in new articles, the same comment appears in multiple articles.
Also I answered a comment in one article, and the same answer appeared as an answer to a different comment by the same person.
@Martin Brinkmann,
Anyway, please deal with this anomaly ASAP.
Comments are a mess, irrelevant and chaotic.
If there is no prospect, Ghacks Technology News should be put on hiatus until the system is fixed.
It’s the same as before with endless monologues or people telling others why they are wrong.
Actually, Frankel, it’s you who’s wrong
This is all techo-BS. What people want is far simpler: a hotkey toggle: images on/images off. Is that really so complex? Seems so. It’s like autoplay videos on/off. In that case you can set it to off but it doesn’t stick. Typical digiocy.
This isn’t great but it might help people that have moved from chrome to firefox to some extent. I can’t tell you the amount of time I have seen people complain that a certain extension they use on google is not available and the only thing holding them back from moving over when they are actually wrong and the very same developer has a Firefox version also. I would always encourage manually looking as there are always hidden gems.
In regards to the website I have reached out to Martin personally and to his credit he replied very quickly. He has informed me that they are aware of the problems and are attempting to fix it.
Martin is no longer involved in the technical management of the site so I imagine if we want to ask someone then our comments would perhaps be better directed towards Softonic.
I don’t understand what is happening here with the comments. The counter shows zero comments and then inside there are some comments from older dates even since years. And mostly of them are non related by the way with the article. So sad what’s going on and nobody is still fixing it. :S
This site now appears to be mostly be created and run by AI. On the positive side (if there is one), I guess we can assume at some point the AI will be capable of recognizing and fixing corrupted files and the like.
“Import Chrome extensions” …. (by installing comparable Firefox extensions) … (for a small number of extensions).”
What a bunch of bogus PR spin. Someone who liked uBlock Origin on Chrome could already install it just fine on Firefox with a couple of mouse clicks. This just adds extra unnecessarily complicated steps to something that was already dead simple, all in order for Mozilla to claim fake one-to-one compatability that doesn’t actually exist.
It would be interesting if Firefox could install Chrome Addons directly from the Chrome Web Store. Although there would probably be some incompatibility, perhaps there’s a shim to translate some Chrome-specific WebExtension APIs over to Firefox. Microsoft Edge can install extensions directly from the Chrome Web Store, but Edge is using the same Blink web engine as Chrome so that makes things easy.
Don’t really care about importing as I never use that feature.
Just retire Gecko and join the Blink bandwagon already, Mozilla. Then you can guarantee 100% Chrome extension compatibility! /s
Not like your browser is getting much attention let alone budget compared to your other woke social justice initiatives.
Hello,
does anyone know if the STG has issues with the sidebar at the moment? I just added it and can not find any option to use it in the sidebar. I am also using an add-on for tree style tab…this might be the source of the problem?
Greetings, Anja
tried typing- about:config -in the search bar -( I want to enable javascript) but it simply will NOT open!
I tried Firefox Translate, but it doesn’t do Chinese or Japanese, and that’s a deal-breaker for me. I uninstalled it and am sticking with the Google Translate extension.
“…Vivaldi and Brave use self-hosted solutions, which still require connections, but offer better privacy than an integration of Google Translate or other third-party translation services would offer.”
While I like Brave as a browser, their translation “solution” just plain sucks. I’d rather have the data sent to Google or Bing, than have a translate feature that just doesn’t work properly. Not only is it not possible to select just a section of text to translate, but to make it worst, most of the time translating the whole page in Brave is either really unbearably slow, or more often than not, it just won’t translate the page at all and displays a “This page couldn’t be translated” error. It’s pretty pointless if their users need to keep using something else to translate pages and have to give up their privacy anyway.
The native translate feature in Firefox sounds like a much better solution than what Brave use.
Great news, thanx FF devs! Hopefully, more languages will be available in the future. So happy!
Floorp comes with its own built-in translator. It’s been like that ever since the first release in fact.
https://floorp.app/download
Article title: Firefox 117: native language translations, last Firefox 102 update and security fixes
https://www.ghacks.net/2023/08/29/firefox-117-native-language-translations-last-firefox-102-update-and-security-fixes/
I think for now every time I comment on an article I am going to put the title of the article and/or the URL of said article because I am seeing my own comments which are from another Firefox related article but not exactly this one.
In regards to this website Martin does not have administrative access to the back end of the website. It would fall on softonic international to fix it now which seems to be of very low priority.
This might be the straw that broke the camels back for ghacks which is a shame because it had many good comments and articles that go way back. Moving away from it would suck.
Maybe try contacting them here to see if you can get any action.
https://hello.softonic.com/contact/
Can you help me please.
Latest version, they pust their VPN (powered by Mullvad) yet again. Instead of writing version changes. sigh. https://imgur.com/g6N20bN
Luckily I had a recent backup available. Firefox was no longer giving me access to profiles when I reinstalled version 116.03 and was asking me to create a new profile. It asked me to upgrade last night and to my surprise all theJS scripts were gone.
https://github.com/xiaoxiaoflood/firefox-scripts/issues/265
Firewall: “Deny [Firefox] outgoing connections to domain nextdns.io”
Firewall: “Deny [plugin-container] outgoing connections to domain cloudflare-dns.com (including mozilla.cloudflare-dns.com)”
It’s exciting to hear that Mozilla is actively working on a design refresh for their Firefox web browser, internally referred to as Photon. The last major redesign, known as Proton, was introduced in Firefox 57 back in November 2017. Since then, Mozilla has made some interface changes, including the controversial address bar overhaul in Firefox 75 Stable.
While specific details about the design refresh are currently limited, Mozilla has created a meta bug on Bugzilla to track the changes. Although no mockups or screenshots have been shared yet, the bug names provide some insights into the elements that will receive a refresh, such as the address bar, tabs bar, main menu, infobars, doorhangers, context menus, and modals.
The new design is scheduled to be released in Firefox 89, which was initially planned for a mid-2021 release, specifically May 18, 2021. However, as development work is still ongoing, there is a possibility of a delayed release.
@ Zibtek,
I’m already using Photon on Floorp which is a fork of Firefox. Here’s a pix of what it looks like:
https://i.postimg.cc/8PsK7DjV/floorp-photon.png I enabled the menu bar at the top, but you can turn it off if you don’t like it.
Floorp is a Japanese browser based on FF102. I’ve been using it as my default browser ever since ‘owl’ pointed it out on the Ghacks site last year (or was it this year, can’t remember exactly when). In any event it contains many more enhancements than the vanilla version of Firefox. It also comes with searXNG search engine in the list of search engines provided which saves having to install it yourself.
Floorp download: https://floorp.app/en/
My comment is regarding the following,
Article title:
Mozilla patches critical WebP security issue in Firefox and Thunderbird
>> ghacks.net/2023/09/13/mozilla-patches-critical-webp-security-issue-in-firefox-and-thunderbird/#respond
Indeed, today, those patch versions were applied through automatic updates.
However, since I had disabled the “WebP” function, I was not interested in that topic (Google, etc.).
Regarding Thunderbird:
Today finally,
My Thunderbird 102.14.0 (en-US) was updated with “Thunderbird 102.15.1 (x64)” through the automatic update feature.
By the way,
Naturally, it will not be automatically updated to 115 (Supernova).
Anyway,
it is clear from Bugzilla that the bug fixes related to migration from 102 to 115 are not complete, so existing users of “102” should refrain from manually updating to 115.
>> ghacks.net/2023/09/08/thunderbird-102-to-115-upgrades-are-now-enabled/#comment-4573569
Betterbird has been released 115.2.1-bb11 (12 September 2023) . Betterbird make Thunderbird a faithful upstream.
Betterbird: Release Notes
>> betterbird.eu/releasenotes/?locale=en-US&version=115.2.1&channel=default&os=WINNT&buildid=20230911203543
@Martin Brinkmann,
I posted in response to an article published on 2023/09/13.
Article title: Mozilla patches critical WebP security issue in Firefox and Thunderbird. >> ghacks.net/2023/09/13/mozilla-patches-critical-webp-security-issue-in-firefox-and-thunderbird/
However, the link was to an unrelated article published on 2019/09/27.
>> ghacks.net/2019/09/27/how-to-import-tabs-from-chrome-to-firefox-and-vice-versa/
This kind of “disorder of Articles and Comments” has been going on for another month.
Is this an obvious (by Softonic, which operates and manages ghacks.net) act of sabotage against Martin and Ashwin?
It’s really frustrating!
[ My comment is on “Mozilla patches critical WebP security issue in Firefox and Thunderbird” https://www.ghacks.net/2023/09/13/mozilla-patches-critical-webp-security-issue-in-firefox-and-thunderbird/ though not directly related to that article ]
What happened to gHacks? When the site was bought out, Martin assured us it wouldn’t go downhill and he’d maintain editorial control, but the AI-written articles are ruining the quality of the site. I’ve been tempted to drop the site from my RSS reader because of this. Is there an RSS feed with only the human-written articles? Individual feeds for each author isn’t a good solution.
Article Title: Mozilla patches critical WebP security issue in Firefox and Thunderbird
Article URL: https://www.ghacks.net/2023/09/13/mozilla-patches-critical-webp-security-issue-in-firefox-and-thunderbird/
If anyone was unaware you should download the extension “Don’t Accept WebP” regardless of the patch. WebP is absolute trash that is unnecessary and clearly an issue. I would rather my images be in their native format and not some recompiled trash such as WebP.
I have absolutely no love for the parent company of this website.
I agree, this is so atrocious – most of the time you can even tell by the URL what format the original image was in – this “reconvert-on-the-fly” nonsense is terrible – but especially so when you’re converting a lossy format, which should be avoided as often as possible.
Sometimes you can edit the image URL to get it to send the right image, unfortunately “don’t accept WebP” doesn’t always work – but that’s why they offer a built in conversion, I suppose.
@ Mystique,
Thanks for the tip (about the addon). I wasn’t aware that Webp was a vulnerability.
I read only Martin Brinkmann’s, Mike Turcotte’s, and Ashwin’s articles. Add uBlock Origin news filter for ghacks:
! 2023-09-13 https://www.ghacks.net/
ghacks.net##.hentry,.home-posts:not(:has-text(/Martin Brinkmann|Mike Turcotte|Ashwin/))
@ https://www.ghacks.net/2023/09/13/mozilla-patches-critical-webp-security-issue-in-firefox-and-thunderbird/#comment-4573641
I tried your uBlock filter on Brave snap packaga for Ubuntu, but it doesn’t work, do I need to restart the browser?
I have noticed uBO doesn’t fully work on Brave, for instance the Element Picker can’t pick anything while the Zapper do, but not 100%, Nuke Anything works much better, but it’s only temporarily.
“important address bar change” alright calm down… lol
I have gotten rid of the stupid shield and the “not secure” box, and have it set up so that it always displays the full URL (I think…?).
In a perfect world, it should just always show the full url, no icons, or emojis, or anything like that.
“Users may want to know why Firefox is no longer displaying https:// in the address bar” I’ll bet nobody will notice anything – apart from a select few autists like myself who customise everything and don’t like change.
“Users may want to know why Firefox is no longer displaying https:// in the address bar”
Why, I don’t know either (a breeze of madness or is it of love in the air), but there’s an about:config to handle that as well (Firefox) :
// display all parts of the url in the location bar (do not trim)
pref(“browser.urlbar.trimURLs”, false); // Dfault=true
Things, too many, too often are decided in spite of common sens.
Firefox is always copying whatever Chromium does… it is like they are a Chromium browser without the name and having trouble rendering many websites. In fact, it is like they are getting 400million just for existing and adopt anything Google releases or does, like web extensions, widevine, safe browsing and then visual changes like this.
I like how some people think there is a choice, and the choice is better than the leader… while still failing at basic stuff.
What’s the point of these useless changes? Just show the full address with the protocol at all times and be done with it…
I set the User Agent address bar to always show the entire URI in a unmasked format.
Martin, as of 19 September 2023, the gHacks comments system is still severely mangled. Data subjects have considerable rights conferred on them; where those decisions are likely to affect them.
“HTTPS doesn’t mean safe:
Many people assume that an HTTPS connection means that the site is secure. In fact, HTTPS is increasingly being used by malicious sites, especially phishing ones.”
[https://www.kaspersky.com/blog/https-does-not-mean-safe/20725/]
HTTPS doesn’t mean safe
Many people assume that an HTTPS connection means that the site is secure. In fact, HTTPS is increasingly being used by malicious sites, especially phishing ones.
HTTPS doesn’t mean safe
Many people assume that an HTTPS connection means that the site is secure. In fact, HTTPS is increasingly being used by malicious sites, especially phishing ones.
website still wacked huh?
Article: Firefox 119 will launch with an important address bar change
https://www.ghacks.net/2023/09/19/firefox-119-will-launch-with-an-important-address-bar-change/
Just one thing regarding the URL bar as it looks like now in latest Firefox, the relatively new feature where some extensions would add their icon inside the URL bar, how bad can it get?
https://imgur.com/uIlWI58
https://postimg.cc/YvYnpzGh
https://ibb.co/QQT584N
ps. uploaded same pic to several links just to make sure some will work.
(For those who can’t see the pic it’s a snapshot showing a URL bar full of extensions, and also Firefox own built in icons that would appear inside the URL bar depending in some cases on which type of website is being viewed, there’s no space left for the actual thing the URL bar is supposed to view, namely the URL address itself)
Yes, I have several extensions on the toolbar, but the menu bar is pretty full and I want to keep some on the toolbar too, and usually Firefox would also push excessive extensions behind a drop-down menu for access to them as well, but as it looks like now the URL bar is given too little space priority, or is there a way to restrict to a minimum URL bar size?