Mozilla Firefox 96.0 release: here is what is new
Firefox 96.0's release date is January 11, 2022. It is the first Firefox Stable release of 2022. The new Firefox version includes some improvements and fixes, including security fixes.
All other Firefox channels are upgraded around the same time. Firefox ESR moves to Firefox 91.5 ESR, Firefox Beta and Dev editions to version 97, and Firefox Nightly to version 98.
Check out our release overview of Firefox 95 here. Mozilla released two smaller updates for Firefox 95, Firefox 95.0.1 and Firefox 95.0.2, that addressed issues in the browser.
Executive Summary
- Firefox 96 is a security update.
- Firefox changes how cookies are handled that come from the same domain but use different schemes, e.g. HTTPS and HTTP. The sites are considered different "with respect to the cookie SameSite directive".
Firefox 96.0 download and update
Firefox 96.0 will be pushed out to all systems on January 11, 2022, provided that the automatic updating functionality has not been turned off.
Users may select Firefox Menu > Help > About Firefox to display the currently installed version and to run a manual check for updates. Updates that are discovered during the check are downloaded and installed automatically.
Here are the links to the official download repositories.
- Firefox Stable download
- Firefox Beta download
- Nightly download
- Firefox ESR download
- Firefox for Android on Google Play
Firefox 96.0 new features and improvements
Changes in cookie handling
Firefox 96.0 enforces the Same-Site=lax cookie policy by default now. It is one of three available values for the Same-Site policy and blocks cookies from being sent in third-party contexts. Firefox will use the lax value automatically for sites that don't specify a Same-Site directive.
Mozilla explains:
Cookies are not sent on normal cross-site subrequests (for example to load images or frames into a third party site), but are sent when a user is navigating to the origin site (i.e., when following a link).
This is the default cookie value if SameSite has not been explicitly specified in recent browser versions (see the "SameSite: Defaults to Lax" feature in the Browser Compatibility).
Other changes
- The main-thread load has been reduced "significantly" according to Mozilla.
- Improvements to noise-suppression and auto-gain-control, and "slight improvements in echo-cancellation".
Developer Changes
- The hwb() function for use as a CSS color value has been implemented.
- Firefox now provides support for the color-scheme property
- The counter-reset property now supports the reversed() function for creating reversed CSS counters, which are intended for numbering elements in descending order.
- navigator.canShare() is now supported on Android
- The Web Locks API is enabled by default.
- Image encoder support has been added for the WebP image format.
Enterprise changes
Mozilla fixes a bug that affected the downloading of files to mapped network drives. Additionally, Mozilla Firefox is now hiding the Windows SSO option in preferences if the feature is not supported by the installed version of Windows.
Engineers fixed three policy issues and added two policies that modify the new default Same-Site=lax cookie policy.
- AutoLaunchProtocolsFromOrigins errors were not displayed properly.
- SearchEngines | Add updates search engines when attributes are changed.
- SuggestURLTemplate in SearchEngines | Add did not work correctly.
- New LegacySameSiteCookieBehaviorEnabled policy to set the global default handling to the legacy behavior.
- New LegacySameSiteCookieBehaviorEnabledForDomainList policy that allows administrators to specify a domain list for which cookies should be handled using the legacy behavior.
Bug Fixes
- Command-clicking links in Gmail opens these links in a new tab.
- Fixes a video issue that saw SSRC dropped.
- Fixes a WebRTC downgrade screen sharing resolution.
- Fixes video quality degradation issues on "certain sites".
- Detached video has been disabled on Mac OS in fullscreen to "avoid some issues with corruption, brightness changes, missing subtitles, and high cpu usage".
Known Issues
None listed.
Security updates / fixes
Security updates are revealed after the official release of the web browser. You find the information published here after release.
Outlook
Firefox 97, Firefox Beta and Dev 98, Firefox Nightly 99, and Firefox ESR 91.6 will be released on February 8, 2022.
Recently Reviewed Firefox extensions
None
Recent Firefox news and tips
- A Recent Windows Update prevents Mozilla's workaround to set Firefox as the default browser
- Mozilla's revenue increased in 2020 to $496 million
Additional information / sources
- Firefox 96 release notes
- Firefox 96 for Developers
- Firefox for Enterprise 96 - release notes
- Firefox Security Advisories
- Firefox Release Schedule
@ Mull users.
There will be slaves who believe that you should accept arkenfox/user.js settings on android and I urge you to reconsider it’s new ‘total cookie protection’ prefs.
How can arkenfox/user.js enforce Total Cookie Protection in android, when focus is the only build that supports it? Noone has answered that.
I feel like even the doc citers are newbs at this point. At least until they can clear it up other than pointing out the fact that ‘prefs have been changed’. Yeah no shit.
Mf , explain how firefox forks can be reconfigured by prefs alone when support is only quoted by Focus /’klar’….or stfu.
STFU. Mull still supports FPI coz dFPI isn’t available yet. Better visit Mull GitHub page to see actual things than ranting.
There’s hardcore masochists, there’s the wilfully delusional and then there’s Firefox users.
“It respects privacy bro! After you make these 50 changes to ‘harden’ your settings!”
“Even though they are so financially dependent on Google and get hundreds of millions of dollars in search revenue, they are still a plucky little underdog run by idealistic hipsters to fight against the evil privacy destroying Google which just so happens to always be the default search engine in what is claimed to be the most privacy respecting browser!”
“You can always change it back in about:config/userChrome.css!” followed by
“You can always switch to the ESR version!” followed by
“Huh, why would you want that feature anyway.”
@Rex, I agree. Anyway, at least for me, FF96 has been the most frustating version ever due its terrible management of OS dark/light mode and let a single theme to decide, well in fact to override whole OS priority (i.e., a dark theme will set the dark mode no matter what, a light theme will set the light mode and for finish the madness, there are no balanced or customizable options). :[
Minor glitch found: if I have a single search engine, there is no way to add a newly discovered search engine, also if you have the little green plus sign on your search bar. The only way is to add back an existing one.
I cant browse at all since the new update. I am using chrome to compare and im flying in chrome and when i try to do anything in firefox just stays thinking, sometimes works then again bad. reverting it right now.
See here: https://www.ghacks.net/2022/01/13/some-firefox-users-report-connection-issues-workaroudn-inside/
@Lucia:
Same here. FF96 can’t connect to anything, whilst other browsers do.
I just downgraded to 95.0.2, tired of the stupid glitch of some elements showing dark mode.
The solutions of the about:config were only partial.
Every new tab open was showing a weird black blink and some menus, etc.
I am valuating to turn again to FF ESR branch, which is currently at v91 I guess. I has been unable to set to my taste my friendly theme for years because, after upgrading to FF96, almost everything it’s a despicable mixed dark/light mode everywhere, a nonsense mess really annoying: search-bar and menus are black but everything else is white and there is also a weird glitch of one second long showing a complete black background when loading Google, Yahoo, Ghacks and some other websites. It’s quite understandable an appalling colour management like this. :[
@ read the docs
I understand the user.js was updated to enforce dFPI. Unless I’m missing something here, Mozilla said that the only mobile browser to support Total Cookie Protection is Firefox focus. Mull is still based off of the Fenix build. Will the prefs for android stick or work? I read the doc you mentioned but it doesn’t clear that up. Only that the user.js was updated to disable FPI and to enforce dFPi.
It’s possible i’m just slow. However, Pants has said in many posts that the user.js is specifically meant for Desktop. I just don’t see how the user.js can enforce something on Fenix forks that isn’t even coded in. On Fennec, for example which is just standard firefox will not even hold the ‘5’ setting. It resets after the browser restarts.
read the link – mull already changes some arkenfox prefs
Firefox 96 overrides the W11 OS light/dark modes with no shame at all, please just fix it! Anyone knows how to set to light mode the menus of FF without installing a lighter theme from FF addon store? Mozilla and Microsoft are fighting for the gold medal of mediocraty! :[
Mozilla is not thrustworthy anymore. First, they support limiting freedom of speech for as it can be seen directly here in an official Mozilla blog post:
https://blog.mozilla.org/en/mozilla/we-need-more-than-deplatforming/
And secondary, Mozilla decided to stop support future proof technology (Bitcoin donations) after an ex founder complained and in result an angry mob threatened to leave the browser. This move on the other side side angered Bitcoin/Crypto supporters who are now leaving instead as it is visible in this official Mozilla Tweet here:
https://twitter.com/mozilla/status/1479143342495744009
Mozilla runs into constant publicity desasters thanks to their problematic PR team and i can only recommend to everyone to look for another browser if you are still using Firefox.
Mozilla has thrown all professionality away and has a very long list of betraying their own customization loving core user base.
I am highly disappointed with the state of Mozilla these days. Very very much….
“Mozilla is not thrustworthy anymore.”
I would say that they are still very “thrustworthy” (as in “Bend over, Mozilla…!). Maybe not so “trustworthy,” though. ;-)
But if you’re going to rant on this particular post, I would say rant about the browser, not Mozilla’s social policies. Better to take that directly to their front door/forum where they will hear it.
As it turns out, Mull users may have to make the adjustments that Tom Hawack posted above since arkenfox/user.js version 96 is moving to dFPI. The user.js is specifially meant for desktop and currently the only mobile browser that supports dfpi is Firefox Focus.
See here. https://www.bleepingcomputer.com/news/security/firefox-focus-now-blocks-cross-site-tracking-on-android-devices/
Unless the Mull team is aware of this, FPI is the only option for now.
https://github.com/divestedcg/Brace/blob/01190724ba5d513ef9866b120036bceef432c2dd/brace/usr/lib/firefox/browser/defaults/preferences/userjs-arkenfox.js#L10
> Changes made for Brace and Mull are noted with //BRACE and //MULL respectively
pref(“privacy.firstparty.isolate”, false); // [DEFAULT: false] //MULL-ENABLE_ME
pref(“network.cookie.cookieBehavior”, 5); //BRACE-UNCOMMENTED … //MULL-MODIFY_ME
// pref(“dom.serviceWorkers.enabled”, false); //MULL-UNCOMMENT_ME: disable for FPI
Arghh, now I have forced dark mode in my favorite theme!
I set the layout.css.prefers-color-scheme.content-override to 1 to change pages to use light mode again. But the menus is still black. Fix it, please.
There was a second fix for the Menus/History pages. Change “browser.theme.toolbar-theme” to 1 as well.
Just stay away from screwing up the themes!! FF you had a perfectly working dark mode under “Customize” and now it’s gone… WHY just WHY!?!?!
The link “Firefox 96 release notes” points to Firefox 95 release notes.
Once again. Mozilla never disappoints with their screw ups. They should open up a fast food place where their slogan is, “We like to screw up things because we decided on what’s best for our people”
I do use Tor browser quite a lot, but it’s not ideal for the clear web. Need something to avoid the endless loop of captchas that a lot of sites throw at Tor connections. I like Librewolf, but am also trying Firefox with arkenfox. So far it checks all the boxes for my fairly basic needs. It’s simpler to use on some Linux distros than Librewolf, since Librewolf isn’t in most repos.
What do you dislike about arkenfox, I’m curious. Do you also dislike the Mull browser for mobile?
You sound like the kids in my school when I was 13
I updated to FF96 with no issues yet. All my extensions still work. All my css still work. Any improvements they made are evidently for the good. Anything bad has not popped up yet. Yet.
What’s new is they broke a bunch of my css tweaks, again. I wish they would stop screwing with stuff for no reason.
mozilla did no such thing, user chrome is not officially supported. mozilla can change whatever the f they like in chrome
> I wish they would stop screwing with stuff for no reason
so what did they change and where are the bugzillas so you can look up the reasons why an unsupported feature was changed? because there will be a reason, changes don’t happen in a vacuum
You say that, but… no, actually, there’s been a *lot* of random changes for essentially no reason in the past few years. Giant-ass tabs and tab icons, removing customization from the about: pages… Firefox has gotten more and more opinionated about how it ought to *look*, and screwing with people’s defaults as a side effect. It’s one thing when it’s a matter of security, but what possible security concern would motivate you to *remove dark mode control options*?
The Firefox 96 behaviour with themes and dark/light mode is absolutely nonsense. In FF 95 I had a beautiful theme with grey clouds in a dark sky and even a full moon… and all menu options were white (light theme, I meant a dark FF theme and W11 light theme for menus). Now the same paint makes all entire Firefox to use the W11 dark theme, the light white menus are not anymore. Installing a less dark painted theme makes FF to turn it to light mode again! Nonsense! Thanks @Martin! :]
Solved, just set about:config > layout.css.prefers-color-scheme.content-override > 2
Thank you John !
Also browser.theme.toolbar-theme = 1 or 2 for bottom left status bar, dialogue windows etc.
@Anonymous I knew the config browser.theme.toolbar-theme = 1 or 2, however each time the browser turns off this setting is enabled again automatically to 0 value. Possible bug. :[
This does make the backgrounds of pages light again, but does not change the background of my menus (they are still dark theme). Is there a way to change them to light them as well?
@Anonymous I haven’t found the specific trick at about:config, however I provide you a transitory solution that is going to the themes of FF and select one as lighter as possible (i.e. silver ones or winter ones). This solution will return the menus to light mode and visually good. Be sure that the about:config layout.css.prefers-color-scheme.content-override is set to 1 (light mode) or 2 (system mode) after applied the new lighter theme. I hope this helps. :]
@anonymous or just try with about:config layout.css.prefers-color-scheme.content-override = 1 and then select the Firefox light default theme at themes section (about:addons). :]
I hate the fact that I am now stuck in Dark Mode in FF. Sounds like you figured out how to get out of that, but I don’t understand the fix. Can you help me out?
@Brucer just type at FF 96 about:config to get access to configuration shell, then just copy and paste layout.css.prefers-color-scheme.content-override and then edit the number to 1 or 2 (1 = light mode and 2 = system mode), you can use the pencil symbol to write the number. Then restar FF 96 and you should notice the changes. You can also review the process to see if the change has been set (you should see the number you have set in previous time). I hope this will help you in some way! :]
Why not just install a user theme instead? I use one called Glass Milk. Here’s a pix of what it looks like on the latest version: https://i.postimg.cc/s2Sc4w1q/glass-milk-theme.png
Download it from here: https://addons.mozilla.org/en-US/firefox/addon/glass-milk/
Thanks for the tip. I went with glass milk royal which has blue tint and it’s fixed the annoying dark mode that came up with my previous theme!
@TelV thanks, it’s a good theme, also I recommend this one below which fits like a glove:
https://addons.mozilla.org/es/firefox/addon/gallant-silver/
This will be my first time updating firefox with arkenfox. I’m assuming I’ll need to update firefox and the arkenfox files at about the same time. Any suggestions for the best way to do this are appreciated.
Create a new profile, then locate user.js downloaded from wherever you want – go with Arkenfox if you ask me – in the profile folder. No backup needed if you’re using a new profile which is preferred way. Right now Arkenfox is on version 95 in releases section, but you can copy version 96 and create a new file yourself to match with Firefox version. That’s how I did it me first time and doing it ever since. For reasons unknown I go with new profile in every major release and old one is deleted.
Thanks, that’s probably the best way to proceed.
After reading a bit on the arkenfox github, I think I’ll try using the arkenfox updater.sh script to update the profile in place. If it gives me trouble, I’ll go with a new profile like you are saying.
The JavaScript machine is still not fixed. Why is it taking so long?
you keep posting this every firefox release article, as if it means something. have you tired unplugging your internet and computer .. that’s it, don’t plug them back in
But it’s true
What does it even mean?
@Tom Hawak
> replace lockpref by user_pref if you’re dealing with a user.js file.
I use Librewolf on desktop and Mull on android which both come pre-configured with user.js files. How would one go about replacing the lockpref by user_pref?
Thanks in advance for your helpful post.
@Novice, i.e. :
lockPref(“network.cookie.sameSite.laxByDefault”, true); // DEFAULT=false
becomes
user_pref(“network.cookie.sameSite.laxByDefault”, true); // DEFAULT=false
user_pref goes into a user.js file right into your Firefox profile.
pref, lockPref, clearPref, defaultPref are ONLY for Autoconfig (generally within a file called config.js).
user_pref is more flexible given you can have different ones for different profiles
Autoconfig prefs on the other hand allow different status for each pref (pref, lockPref, clearPref, defaultPref)
If you’re interested in the user.js the best reference is https://github.com/arkenfox/user.js
Backup (your profile), enjoy :=)
Got FF 96 Final yesterday.
Just updated to 97b1 today. ?
– Cookie handling. Ever since available I’ve always set without any issue (replace lockPref by user_pref if you’re dealing with a user.js file) :
// ENABLE SAMESITE COOKIE POLICY (https://ultimatesecurity.pro/post/same-site-cookie/%5D
lockPref(“network.cookie.sameSite.laxByDefault”, true); // DEFAULT=false
lockPref(“network.cookie.sameSite.noneRequiresSecure”, true); // DEFAULT=false
// ENABLE SCHEMEFUL SAMESITE COOKIE POLICY (https://www.scien.cx/2020/11/20/schemeful-same-site/)
// Schemeful Same-Site modifies the definition of a (web)site from just the registrable domain to the scheme + registrable domain.
// This means that the insecure HTTP version of a site, for example, http://website.example, and the secure HTTPS version of that site, https://website.example, are now considered cross-site to each other.
lockPref(“network.cookie.sameSite.schemeful”, true); // DEFAULT=false
Updated to FF96. Side-note : I will keep on with FPI rather than with ETP Strict Mode and its DFPI. I won’t elaborate here but I believe FPI isolates better. DFPI is good for newcomers, it’s ON by default (whereas FPI is OFF by default) and as such is a great improvement. FPI is slightly cumbersome when it comes to setting cookies’ permission (feasible only from ‘Page Info’ or with an sqlite manager) and DFPI intiates several settings’ values that otherwise need to be set by the user. But FPI seems to me overall preferable after experiencing both.
Same which means adding overrides user.js which I never did but time has come.
@Yash, samesite cookie policy and schemeful samesite cookiepolicy are enabled by default on FF96, My “Default = false” had been noted for previous versions (I copy/pasted). I guess you got that. I only meant to state that these plicies have never created problems here.
User.js is great. I use rather Firefox’s Autoconfig (pref and lockPref) but the former is per-profile while the latter sets all profiles.
Whatever, you know that as well, backup backup backup, always!
Yep backup.
Actually Arkenfox is switching from FPI to dFPI in version 96. That’s where overrides enters the scene if we need FPI. In last six months alone there have been numerous improvements – dFPI, Smart Block and now this in Firefox. Good for end users. But depending on which side you’re on – it has all been concentrated to ETP and so one ETP toggle can undo all protections. Main reason I’m still gonna use FPI as prefs aren’t easy to toggle. Used dFPI for a month now, can’t notice any difference when browsing sites which need third party login. It is capable but unnecessarily linked to ETP strict setting.
@Yash, indeed :
// IF ETP STRICT MODE IS ENABLED (“browser.contentblocking.category”, “strict”) THEN
// (“network.cookie.cookieBehavior”, 5);
// (“network.http.referer.disallowCrossSiteRelaxingDefault”, true);
// (“privacy.partition.network_state.ocsp_cache”, true);
// (“privacy.trackingprotection.enabled”, true);
// (“privacy.trackingprotection.socialtracking.enabled”, true);
// (“privacy.trackingprotection.cryptomining.enabled”, true); // [DEFAULT: true]
// (“privacy.trackingprotection.fingerprinting.enabled”, true); // [DEFAULT: true]
Which means that if you use FPI instead of dFPI you’ll have to switch above prefs yourself.
Moreover, FPI will work best if :
// ENABLE FIRST-PARTY ISOLATION (FPI) of course
pref(“privacy.firstparty.isolate”, true); // DEFAULT=false
// DISABLE DYNAMIC FIRST-PARTY ISOLATION (DFPI)
// Some say that FPI prevails on DFPI, some say DFPI with FPI can create issues, so we disable
pref(“privacy.dynamic_firstparty.use_site”, false); // DEFAULT=true
// SET “browser.contentblocking.category” = “custom”
// This breaks ETP strict mode
pref(“browser.contentblocking.category”, “custom”);
// SET Cookie behavior to block 3rd-party sites
pref(“network.cookie.cookieBehavior”, 1);
That’s the way; aha aha I like it, that’s the way aha, aha ….
BUT this is NOT any advice, know what you’re doing, don’t copy/paste blindly :=)
I forgot to mention an essential point :
Whenever you switch from FPI to DFPI and vice-versa, all cookies, cookies preferences and many sites’ preferences become invalidated : you’ll have to rebuild it ALL manualy or use an sqlite editor (which is what I had done).
BEWARE!
So, for newbies, don’t change anything, follow default prefs, consider improving the overall with the excellent Arkenfox at https://github.com/arkenfox/user.js
I DO NOT ADVISE TO CONSIDER MY PREFS AS THE SAFIEST, they are only mine. With Arkenfox you’ll face no issue, all is explained there.
Detailed and helpful explanation as always. Sometimes I wish if Mozilla would make a guide to help users. Right now it is equivalent to finding tactics employed by football coaches where surely some explanation would help fans as to what is happening. Oh Mozilla and football coaches! Then I guess finding yourself or through someone else is worth it and is even better.
How to disable telemetry in firefox about:networking shows two options:
content-signature-2.cdn.mozilla.net
firefox.settings.services.mozilla.com
Security and update fixes are always more than welcome. That Firefox 96.0 enforces the Same-Site=lax cookie policy by default now is even more good news, from the Mozilla company, today.
@Martin Brinkmann
I had to block your ads because these prevented me to read your news. First Softonic GDPR warning (EU General Data Protection Regulation), second Keepass ad in German (auf Deutsch! Ich spreche nicht gut Deutsch, Englisch ist auch schwer.) an some ghacks.net pop-up video (it is moving!). Both of them demanded clicking to agree or close button before continuing. I hope blocking is only a temporary solution.
Please could you make less annoying ads? I think it is too much that ads demand user action. This is a only page that I allow ads, sometimes I have to block them if annoying.
Thank you Martin Brinkmann for great news (Mozilla Firefox, Linux etc).
Some ads are necessary for maintaining the websites and to pay the writers. :]
Now that Martin is not the owner, you can block them completely and not feel bad for him :-)