In the latest milestone update of Mozilla Firefox, users of the open-source web browser have lost what was once a key feature.
Firefox 64, which became generally available on Dec. 11, dropped direct integrated support for RSS feed preview and live bookmarks. RSS (Really Simple Syndication) is a capability that enables users to quickly see a list of recent items from a given website. On eWEEK, for example, the RSS icon is on the top right-hand corner of the page. Prior to Firefox 64, users could simply click on the RSS icon and get an integrated inline page experience showing items.
“After reviewing the usage data and technical maintenance requirements for these features and taking into account alternative RSS/Atom feed readers already available to you, we have realized that these features have an outsized maintenance and security impact relative to their usage,” Mozilla stated. “Removing the feed reader and Live Bookmarks allows us to focus on features that make a greater impact.”
While RSS feed preview is no longer directly integrated into Firefox, multiple third-party add-ons are available that users can choose to install that will provide a similar type of functionality.
Tab Management
One of the original marquee features that Firefox brought to the web browser world was the idea of tabs for browsing. With Firefox 64, Mozilla has enhanced tab management capabilities, enabling users to move close or bookmark multiple tabs at the same time.
Mozilla has also improved a number of its browser monitoring capabilities, including performance management, which Firefox users can access by simply typing “about:performance” in the Firefox address bar.
“The new Task Manager page found at about:performance lets you see how much energy each open tab consumes and provides access to close tabs to conserve power,” the Firefox 64 release notes state.
Security Fixes
Mozilla is patching 11 vulnerabilities in Firefox 64, with only two of the advisories rated as being critical. Both deal with memory safety issues that could potentially allow an attacker to execute arbitrary code.
Among the high-impact flaws fixes in Firefox 64 is a same-origin policy violation identified as CVE-2018-18494. Same origin policy is a standard web security approach that limits the ability of a script to only work on pages that have the same origin.
“A same-origin policy violation allowing the theft of cross-origin URL entries when using the Javascript location property to cause a redirection to another site using performance.getEntries(),” Mozilla warned in its advisory. “This is a same-origin policy violation and could allow for data theft.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.