User:Sohom Datta/ffx

Security
From its inception, Firefox was positioned as a security-focused browser. At the time, Internet Explorer, the dominant browser, was facing a security crisis. Multiple vulnerabilities had been found, and malware like Download.Ject could be installed simply by visiting a compromised website. The situation was so bad that the US Government issued a warning against using Internet Explorer. Firefox, being less integrated with the operating system, was considered a safer alternative since it was less likely to have issues that could completely compromise a computer. This led to a significant increase in Firefox's popularity during the early 2000s as more secure alternative. Moreover, Firefox was considered to have fewer actively exploitable security vulnerabilities compared to its competitors. In 2006, The Washington Post reported that exploit code for known security vulnerabilities in Internet Explorer were available for 284 days compared to only nine days for Firefox before the problem was fixed. A Symantec study around the same period showed that even though Firefox had a higher number of vulnerabilities, on average vulnerabilities were fixed faster in Firefox than in other browsers during that period.

During this period, Firefox used a monolithic architecture, like most browsers at the time. This meant all browser components ran in a single process with access to all system resources. This setup had multiple security issues. If a web page used too many resources, the entire Firefox process would hang or crash, affecting all tabs. Additionally, any exploit could easily access system resources, including user files. Between 2008 and 2012, most browsers shifted to a multiprocess architecture, isolating high-risk processes like rendering, media, GPU, and networking. However, Firefox was slower to adopt this change. It wasn't until 2015 that Firefox started its Electrolysis (e10s) project to implement sandboxing across multiple components. This rewrite relied on interprocess communication using Chromium's interprocess communication library and placed various component including the rendering component in its own sandbox. Firefox released this rewrite in to beta in August 2016, noting a 10-20% increase in memory usage, which was lower than Chrome's at the time. However, the rewrite caused issues with their legacy extension API, which was not designed for cross-process communication and required cross-process shim code to function correctly. After over a year in beta, the rewrite was enabled by default all users of Firefox in November 2017.

In 2012, Mozilla launched a new project called Servo to write a completely new and experimental browser engine utilizing memory safe techniques written in Rust. In 2018, Mozilla opted to integrate parts of the Servo project into the Gecko engine in a project codenamed the Quantum project. The project completely overhauled Firefox's page rendering code resulting in performance and stability gains while also improving the security of existing components. Additionally, the older incompatible extension API was removed in favour of a WebExtension API that more closely resembled Google Chrome's extension system. This broke compatibility with older extensions but resulted in lesser vulnerabilities and a much more maintainable extension system. While the Servo project was intended to replace more parts of the Gecko Engine, however this plan never came to fruition since in 2020, Mozilla laid of all developers on the Servo team transferring ownership of the project to the Linux Foundation.

Firefox limits scripts from accessing data from other websites based on the same-origin policy. It also provides support for smart cards to web applications, for authentication purposes. It uses TLS to protect communications with web servers using strong cryptography when using the HTTPS protocol. The freely available HTTPS Everywhere add-on enforces HTTPS, even if a regular HTTP URL is entered. Firefox now supports HTTP/2.

The Mozilla Foundation offers a "bug bounty" (US$3,000 to US$7,500 cash reward) to researchers who discover severe security holes in Firefox. Official guidelines for handling security vulnerabilities discourage early disclosure of vulnerabilities so as not to give potential attackers an advantage in creating exploits.

On January 28, 2013, Mozilla was recognized as the most trusted internet company for privacy in 2012. This study was performed by the Ponemon Institute and was a result of a survey from more than 100,000 consumers in the United States.

In February 2013, plans were announced for Firefox 22 to disable third-party cookies by default. However, the introduction of the feature was then delayed so Mozilla developers could "collect and analyze data on the effect of blocking some third-party cookies." Mozilla also collaborated with Stanford University's "Cookie Clearinghouse" project to develop a blacklist and whitelist of sites that will be used in the filter.

Version 23, released in August 2013, followed the lead of its competitors by blocking iframe, stylesheet, and script resources served from non-HTTPS servers embedded on HTTPS pages by default. Additionally, JavaScript could also no longer be disabled through Firefox's preferences, and JavaScript was automatically re-enabled for users who upgraded to 23 or higher with it disabled. The change was made due to its use across the majority of websites, the potential repercussions on inexperienced users who are unaware of its impact, along with the availability of extensions such as NoScript, which can disable JavaScript in a more controlled fashion. The following release added the ability to disable JavaScript through the developer tools for testing purposes.

Beginning with Firefox 48, all extensions must be signed by Mozilla to be used in release and beta versions of Firefox. Firefox 43 blocked unsigned extensions but allowed enforcement of extension signing to be disabled. All extensions must be submitted to Mozilla Add-ons and be subject to code analysis in order to be signed, although extensions do not have to be listed on the service to be signed. On May 2, 2019, Mozilla announced that it would be strengthening the signature enforcement with methods that included the retroactive disabling of old extensions now deemed to be insecure. A Firefox update on May 3 led to bug reports about all extensions being disabled. This was found to be the result of an overlooked certificate and not the policy change set to go into effect on June 10.

In Firefox versions prior to 7.0, an information bar appears on the browser's first start asking users whether they would like to send performance statistics, or "telemetry", to Mozilla. It is enabled by default in development versions of Firefox, but not in release versions. According to Mozilla's privacy policy, these statistics are stored only in aggregate format, and the only personally identifiable information transmitted is the user's IP address.

Since version 60 Firefox includes the option to use DNS over HTTPS (DoH), which causes DNS lookup requests to be sent encrypted over the HTTPS protocol. To use this feature the user must set certain preferences beginning with "network.trr" (Trusted Recursive Resolver) in about:config: if network.trr.mode is 0, DoH is disabled; 1 activates DoH in addition to unencrypted DNS; 2 causes DoH to be used before unencrypted DNS; to use only DoH, the value must be 3. By setting network.trr.uri to the URL, special Cloudflare servers will be activated. Mozilla has a privacy agreement with this server host that restricts their collection of information about incoming DNS requests.

On May 21, 2019, Firefox was updated to include the ability to block scripts that used a computer's CPU to mine cryptocurrency without a user's permission, in Firefox version 67.0. The update also allowed users to block known fingerprinting scripts that track their activity across the web, however it does not resist fingerprinting on its own.

On July 2, 2019, Mozilla introduced a mechanism to allow Firefox to automatically trust OS-installed certificates to prevent TLS errors.

In October 2019, ZDNet reported Firefox version 68 ESR passed all minimum requirements for mandatory security features during an exam by the Federal Office for Information Security of Germany.

In March 2021, Firefox launched SmartBlock in version 87 to offer protection against cross-site tracking, without breaking the websites users visit. Also known as state partitioning or "total cookie protection", works via a feature in the browser that isolates data from each site visited by the user to ensure that cross-site scripting is very difficult if not impossible. The feature also isolates local storage, service workers and other common ways for sites to store data.