Firefox 86 Is Released With Drastically Improved WebGL Performance
"Total Cookie Protection" if "Strict Mode" is enabled, multiple videos in picture-in-picture mode, 12 security fixes and vastly improved WebGL performance on Linux machines with a dedicated GPU are among the highlights in Mozilla Firefox 86.
Mozilla Firefox 86 with a BTS theme displaying the Naver TV website.
Today's Firefox 86 release brings a unusually high number of new features, security fixes and a huge performance-boost for WebGL content.
"Total" Cookie Protection
Firefox 86 brings a new feature that will annoy advertisers and big tech immensely and brings some joy to privacy-concerned web surfers: Total Cookie Protection. This new feature isolates cookie storage, including third party cookies, on a per-site basis. This means that a third party cookie set by a third party script loaded on site A is invisible to that same third party script if it is loaded from site B. This eliminates all cross-site tracking using web browser cookies. It is, of course, still possible to match a person visiting site A with a visit to site B using other more devious techniques like web browser fingerprinting.
"Total Cookie Protection" is not enabled by default, it is only used if Mozilla Firefox is configured with set to in ▸ ▸ .
Vastly Improved WebGL Performance
WebGL and Canvas operations have been moved to a separate thread responsible for handling rendering operations on either the GPU or the CPU depending on how Firefox is configured and what platform you are running it on. Mozilla story is that this provides "Notable performance and stability improvements". That story does hold water. Mozilla Firefox 86 is by default, on some systems, almost twice as fast when rendering WebGL content compared to previous versions.
Firefox 86 is still behind Chromium-based web browsers when it comes to WebGL performance, but the gap is far less than it used to be with default settings. Firefox 85 scored a dismal 51341 in the Unity WebGL 2018 benchmark with default settings on a Ryzen machine with a AMD GPU. Enabling
about:config, enabling "OpenGL rendering", brought that up to 75622. Firefox 86 scores 82223 with the default "Basic" renderer. That drops down to 73273 when "OpenGL rendering" is enabled on the AMD test machine. You may want to disable
layers.acceleration.force-enabled if you have previously enabled that setting in order to improve the horrid default performance in previous versions had on machines with dedicated AMD GPUs.
The default WebGL performance is also better on the Intel i7-5500U powered test-laptop. It scores 47117, up from 40848 in Firefox 85, in the Unity WebGL 2018 benchmark with out-of-the-box settings. That improves to 48867 with "OpenGL Rendering" so
layers.acceleration.force-enabled may still be desirable if you are using a computer with integrated Intel graphics.
Other New Features
Firefox 86 supports watching multiple videos in "Picture-in-Picture" mode. Picture-in-Picture is still enabled by a big very annoying
The reader mode can now be used on files read from the local file system.
The backspace key is disabled, which used to function as a
Back key, has been disabled outside of text-forms. The reasoning is that users who have typed text into a form and clicked outside it, thereby losing focus on it, could press backspace and lose all previously typed text when the browser switches to the previously viewed page. It is possible to override this new behavior and still use the backspace key to navigate to previously viewed pages using a new
browser.backspace_action option. Another option us to use alt+left arrow and alt+right arrow to move between previous/next page.
The SSB (Site Specific Browser) mode that would let you start Firefox in a special mode without navigation buttons using
--ssb option has been removed. This is something that will greatly affect you if you are using Firefox in any kind of kiosk deployment where you want users to be locked to a single web portal. Nobody else will miss this feature and the
--ssb option hasn't worked on Linux builds for years so nothing's changed as far as Linux users are concerned.
The Firefox build system enables stack clash attack protection (
-fstack-clash-protection) during complication for Linux and Android by default. This makes the compiler insert prove calls on static and dynamic allocations in order to detect stack overflows and block stack-heap attacks.
WebRTC support for DTLS (Datagram Transport Layer Security) v1.0 has been dropped. WebRTC servers need to, at minimum, support DTLS 1.2. This is good security-wise, but it could mean that some ancient WebRTC based service you're using stops working when you upgrade to Firefox 86.
Firefox 86 has fixes for a 12 security vulnerabilities. Five of them are described as "High" impact. Those are:
- CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect
- CVE-2021-23970: Multithreaded WASM triggered assertions validating separation of script domains
- CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect
- CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
- CVE-2021-23979: Memory safety bugs fixed in Firefox 86
Four of the security-fixes are said to have a "Medium" impact, and 3 are marked as "Low".
You can get the latest Firefox version from mozilla.org/en-US/firefox/new/ or get it as a Flatpak from Flathub (org.mozilla.firefox). Most Linux distributions will have Firefox 86 in their repositories within a week or two.