Firefox 33 was released on . While it has been developed to maintain compatibility as much as possible, the new version includes some changes affecting backward compatibility aimed at improving interoperability with the other browsers or following the latest Web standards. Here's the list of such changes — hope this helps whenever you test your sites or applications.
This article only explains the changes that may affect backward compatibility for websites. For the other new features and changes, please read the following documents:
ethiopic-numeric has been unprefixed
ethiopic-numeric value for the
list-style-type property has been unprefixed since the style has been defined in the CSS3 Counter Styles spec. The prefixed value support will be removed some time in the future.
list-style-type now leads to ordered list instead of unordered list
Starting with Firefox 33, invalid
list-style-type property values, like
disk, are fallbacked to
decimal instead of
disc, to follow the CSS3 Counter Styles spec.
XMLHttpRequest.mozBackgroundRequest has been removed
mozBackgroundRequest property on the
XMLHttpRequest interface is no longer available from Web content.
touchleave events have been dropped
KeyboardEvent.key values have been deprecated
- Bug 1024864 – For renaming some key values of KeyboardEvent.key on 33, we should warn it on the Console
KeyboardEvent.key values are now considered deprecated and warned in the Web Console prior to the change in Firefox 34 to comply with the latest DOM3 spec. Those include
DeadKeys. Check out the
KeyboardEvent.key document for the complete list of key values.
FileHandle API has been updated
The implementation of the FileHandle API has been updated. The
IDBDatabase.mozCreateFileHandle method has been renamed to
IDBDatabase.createMutableFile. Also, the
LockedFile interfaces have been respectively renamed to
IDBFileHandle, though consumers don't have to check these object names.
event.timeStamp now returns
DOMHighResTimeStamp on Nightly/Aurora for Windows
- Bug 1022396 – Make Event.timeStamp return a DOMHighResTimeStamp on Windows (was Event.timeStamp should be relative to 1st January 1970 rather than the system start)
On the Nightly and Aurora channels for Windows, the
event.timeStamp property now returns a
DOMHighResTimeStamp in microseconds, instead of a traditional time stamp in milliseconds. This feature is still disabled on the Beta and Release channels, and not yet implemented on other platforms.
Number.toInteger has been removed
Evaluation order of default parameters and functions inside function body is changed
Default parameters, implemented with Firefox 15, were evaluated after functions inside the function body, but now are evaluated before those functions. So those functions cannot be referred from default parameters.
Regex on Latin-1-only strings may cause a performance issue (regression)
In Firefox 33, regular expression operations on strings represented only as Latin-1 characters could be very slow, sometimes leading to a hang. This regression, due to an internal character encoding change, will be fixed with Firefox 34.
Files may be downloaded partially from misconfigured servers (regression)
Content-Encoding: gzip header is set while the
Content-Length header has a wrong file size. On Apache servers, disabling the
mod_deflate module may quickly workaround the issue, though it's not a right solution. Another case is where the terminating zero chunk is missing in chunked transfer encoding responses. These interoperability problems will be fixed with Firefox 33.1 where the framing check is forced only to SPDY, HTTP/2 and later.
Legacy Crypto API has been disabled
- Bug 1036546 – soft-disable proprietary window.crypto functions/properties before removing them entirely
- Bug 1083118 – window.crypto.signText replacement
The Netscape-derived legacy Crypto API implemented on
window.crypto has been disabled, including
version properties as well as
signText methods. These features have never been standardized and therefore will be removed with Firefox 34, while the standard Web Crypto API has been actively implemented. See the MozillaWiki article for details.
Update: Feedbacks on Firefox 33 have revealed that various banks and government agencies are still using this legacy Crypto API, the
crypto.signText method in particular. Therefore, Mozilla has decided to bring the API back with Firefox 34 and remove it again in the near future once a substitute Firefox extension is developed. Firefox 33 users can still re-enable the API by setting the
dom.unsafe_legacy_crypto.enabled pref to
true, and Firefox 31 ESR users are not affected by this change.
Legacy CSP implementation has been removed
The legacy, non-standard Content Security Policy (CSP) parser first shipped with Firefox 4 has been removed in favor of the standard CSP 1.0 spec implemented with Firefox 23. The prefixed
X-Content-Security-Policy header is no longer supported.
Several cipher suites have been disabled
- Bug 1036765 – Disable cipher suites that are not in the "Browser Cipher Suite" proposal that are still enabled
Some obsolete, insecure or little-used cipher suites have been deprecated and disabled by default to match the cipher suite proposal. Those include 3DES, Camellia, DSS and RC4.
RSA certificates using weak signatures less than 1024-bit are no longer accepted
RSA 512, 1000 and 1023-bit certificates are now blocked by Firefox since they are not sufficient for security. Most certificates currently being issued should have a 2048-bit key length.
loaded event has been renamed to
The implementation of the
HTMLTrackElement interface has been updated to fire a
load event instead of
loaded, to comply with the latest spec.