Mozilla just released the official version of Firefox 87.0. After Firefox 85 in December last year and Firefox 86 in February this year, Firefox 87 this month mainly introduced the “Smart Block” function to improve the private browsing experience.
Earlier, we have introduced that Firefox 87 will trim the path and query string in the HTTP Referrers header by default to prevent the site from accidentally leaking user’s sensitive data. As the latest stable version of the open-source browser launched by Mozilla, Firefox 87.0 has also improved the HTTP Referrers URL policy and can trim scripts embedded in URLs.
Previously, Firefox has blocked third-party tracking scripts by default for a long time. In most cases, this experience is quite seamless. However, in some cases, the missing tracking script will still cause some interference in the rendering of the web page, for example, as shown in the figure below, it will cause permanent damage to the page.
To this end, Smart Block has taken additional steps to improve the rendering on pages embedded with third-party trackers. It will not simply and rudely remove the tracking script and leave a hole in the original location, but replace it with what Mozilla calls a “stand-in” script.
The feature of the replacement script is similar to that of the original tracker, in order to reproduce the presentation order and results of the original page as much as possible without leaking the actual data to a third party.
Join Our RealMi Central Channel On Telegram
Finally, when you embed images of other websites into your own website, the viewing information about that website will also be leaked to the operators of other websites. For example, we set up a virtual search engine called greatsearch.tld, and then use the sheep-pictures.tld operator to embed a sheep image on each page result page.
The HTML code is as follows:
- <img src=https://sheep-pictures.tld/sheep1.jpg>
When the user uses the site, the browser will see the mark and automatically download the picture https://sheep-pictures.tld/sheep1.jpg on the presentation page. Traditionally, the entire URL of the referral page is included in the web request, which means that the information will be leaked to the website operator through sheep-pictures.tld, and they will see the following in the log:
- 240.163.255.110–[15/Mar/2021:10:28:57 -0400] “GET /sheep1.jpg
- HTTP/1.1″ 200 11676 “http://greatsearch.tld/res
- ults? really-embarrassing-medical-condition”
But if you have upgraded your browser to Firefox 87.0, sheep-pictures.tld will only leave the following operation log:
- 240.163.255.110–[15/Mar/2021:10:28:57 -0400] “GET /sheep1.jpg
- HTTP/1.1″ 200 11676 “http://greatsearch.tld/”
Finally, Firefox 87.0 also contains other fixes and functional improvements.
- You can enable Highlight All when searching for web pages;
- Fully support the VoiceOver function of the built-in screen reader of macOS;
- Some security fixes and general adjustments (see Mozilla’s Firefox 87.0 release notes for details).
Download Link
If you like our news and you want to see such news even further, then follow RealMi Central on Telegram, Twitter, Facebook (Page) (Group) & Instagram.