mozilla
Your Search Results

    Site Compatibility for Firefox 33

    Firefox 33 was released on . While it has been developed to maintain compatibility as much as possible, the new version includes some changes affecting backward compatibility aimed at improving interoperability with the other browsers or following the latest Web standards. Here's the list of such changes — hope this helps whenever you test your sites or applications.

    This article only explains the changes that may affect backward compatibility for websites. For the other new features and changes, please read the following documents:

    Follow the Firefox Site Compatibility project on Twitter, Facebook or Google+ for further updates.

    CSS

    ethiopic-numeric has been unprefixed

    The ethiopic-numeric value for the list-style-type property has been unprefixed since the style has been defined in the CSS3 Counter Styles spec. The prefixed value support will be removed some time in the future.

    Invalid list-style-type now leads to ordered list instead of unordered list

    Starting with Firefox 33, invalid list-style-type property values, like non, bulleted or disk, are fallbacked to decimal instead of disc, to follow the CSS3 Counter Styles spec.

    DOM

    XMLHttpRequest.mozBackgroundRequest has been removed

    The non-standard mozBackgroundRequest property on the XMLHttpRequest interface is no longer available from Web content.

    touchenter and touchleave events have been dropped

    The support for the touchenter and touchleave events has been removed due to the removal from the TouchEvent spec.

    Some KeyboardEvent.key values have been deprecated

    Some of KeyboardEvent.key values are now considered deprecated and warned in the Web Console prior to the change in Firefox 34 to comply with the latest DOM3 spec. Those include Down, Left, Right, Up, Crsel, Del, Exsel, Menu, Esc, Nonconvert, HalfWidth, RomanCharacters, FullWidth, SelectMedia, MediaNextTrack, MediaPreviousTrack, Red, Green, Yellow, Blue, Live, Apps, FastFwd, Zoom and DeadKeys. Check out the KeyboardEvent.key document for the complete list of key values.

    FileHandle API has been updated

    The implementation of the FileHandle API has been updated. The IDBDatabase.mozCreateFileHandle method has been renamed to IDBDatabase.createMutableFile. Also, the FileHandle and LockedFile interfaces have been respectively renamed to IDBMutableFile and IDBFileHandle, though consumers don't have to check these object names.

    event.timeStamp now returns DOMHighResTimeStamp on Nightly/Aurora for Windows

    On the Nightly and Aurora channels for Windows, the event.timeStamp property now returns a DOMHighResTimeStamp in microseconds, instead of a traditional time stamp in milliseconds. This feature is still disabled on the Beta and Release channels, and not yet implemented on other platforms.

    JavaScript

    Number.toInteger has been removed

    The Number.toInteger method, implemented with Firefox 16, has been removed since it's no longer a part of the ES6 draft spec. Number.parseInt can be used instead in most cases.

    Evaluation order of default parameters and functions inside function body is changed

    Default parameters, implemented with Firefox 15, were evaluated after functions inside the function body, but now are evaluated before those functions. So those functions cannot be referred from default parameters.

    javascript URLs specified as image sources are no longer executed

    Previously, javascript URLs specified as <img> src or CSS background images were parsed and executed as normal JavaScript codes. This trick no longer works, because it could be exploited to hang the browser, leading to a denial of service (DoS) attack.

    Regex on Latin-1-only strings may cause a performance issue (regression)

    In Firefox 33, regular expression operations on strings represented only as Latin-1 characters could be very slow, sometimes leading to a hang. This regression, due to an internal character encoding change, will be fixed with Firefox 34.

    Complex apps may throw an internal JavaScript error (regression)

    Complex Web appliations like WebGL-powered games may throw an internal JavaScript error that could not be found on the previous versions of Firefox. This regresson, caused by an improved source map support, will be fixed with Firefox 34.

    Networking

    Files may be downloaded partially from misconfigured servers (regression)

    Due to the proper framing check for HTTP 1.1 and later, introduced with Firefox 33, JavaScript, CSS, CSV, PDF and other types of files are partially transferred from misconfigured Web servers. The first case is where the Content-Encoding: gzip header is set while the Content-Length header has a wrong file size. On Apache servers, disabling the mod_deflate module may quickly workaround the issue, though it's not a right solution. Another case is where the terminating zero chunk is missing in chunked transfer encoding responses. These interoperability problems will be fixed with Firefox 33.1 where the framing check is forced only to SPDY, HTTP/2 and later.

    Security

    Legacy Crypto API has been disabled

    The Netscape-derived legacy Crypto API implemented on window.crypto has been disabled, including enableSmartCardEvents and version properties as well as generateCRMFRequest, importUserCertificates, logout and signText methods. These features have never been standardized and therefore will be removed with Firefox 34, while the standard Web Crypto API has been actively implemented. See the MozillaWiki article for details.

    Update: Feedbacks on Firefox 33 have revealed that various banks and government agencies are still using this legacy Crypto API, the crypto.signText method in particular. Therefore, Mozilla has decided to bring the API back with Firefox 34 and remove it again in the near future once a substitute Firefox extension is developed. Firefox 33 users can still re-enable the API by setting the dom.unsafe_legacy_crypto.enabled pref to true, and Firefox 31 ESR users are not affected by this change.

    Legacy CSP implementation has been removed

    The legacy, non-standard Content Security Policy (CSP) parser first shipped with Firefox 4 has been removed in favor of the standard CSP 1.0 spec implemented with Firefox 23. The prefixed X-Content-Security-Policy header is no longer supported.

    Several cipher suites have been disabled

    Some obsolete, insecure or little-used cipher suites have been deprecated and disabled by default to match the cipher suite proposal. Those include 3DES, Camellia, DSS and RC4.

    RSA certificates using weak signatures less than 1024-bit are no longer accepted

    RSA 512, 1000 and 1023-bit certificates are now blocked by Firefox since they are not sufficient for security. Most certificates currently being issued should have a 2048-bit key length.

    Video/Audio

    HTMLTrackElement's loaded event has been renamed to load

    The implementation of the HTMLTrackElement interface has been updated to fire a load event instead of loaded, to comply with the latest spec.

    Document Tags and Contributors

    Contributors to this page: trevorh, kohei.yoshino, kscarfone, arai
    Last updated by: kohei.yoshino,