At this time we are in the branch of Firefox 68.xx and in a matter of weeks version 69 of Firefox will be released, of which we have already released some details here on the blog. (you can check the following link).
But as Mozilla developers will know they go a little further Regarding development and proposals for changes and functions for the next versions of the browser, all of them first go through a testing phase, either in the nightly versions of Firefox or only to launch them for certain countries or users.
What does Firefox 70 have in store for us?
With this, it is possible to know a little more about what is expected for the browser and such the case for the launch of Firefox 70, which is scheduled for October 22.
For this next version of Firefox 70 has a proposal for the methods to display the HTTPS and HTTP protocols in the browser address bar.
Address bar changes
Pages open through HTTP will have an insecure connection icon, which will also show up for HTTPS in case of certificate issues.
The link for http will be displayed without specifying the protocol "http: //", but for HTTPS the protocol display is left for now. The address bar will no longer display information about the company when using the EV certificate verified on the site.
In addition, instead of the button «(i)», an indicator of the security level of the connection will be displayed, which will allow evaluating the status of the code lock modes for movement tracking.
The lock symbol color for HTTPS will change from green to gray (you can return green color via security.secure_connection_icon_color_gray setting).
In general, browsers are moving from positive security indicators to displaying warnings about security problems.
The significance of assigning HTTPS separately is lost because in modern realities the vast majority of requests are processed using encryption and are perceived as given protection, not additional protection.
The information about the EV certificate will be removed from the drop-down menu. To return the display of information about the EV certificate in the address bar, the option "security.identityblock.show_extended_validation" was added to about: config.
Recycling the address bar generally repeats the previously approved changes for Chrome, but in Firefox it is not planned to hide the subdomain "www" by default and add the Signed HTTP Exchanges (SXG) mechanism.
SXG allows a site owner to digitally authorize the placement of certain pages on another site, after which if these pages are accessed on the second site, the browser will show the user the URL of the originating site, despite the fact that the page is loaded from another host.
What if it has not been confirmed is the information about the intention to hide "https: //" that appears in the initial version of the news, but the ticket with this offer was placed in the "task" status and was added to the summary list of tasks to change the HTTPS display in the address bar.
Secondary and FTP request blocking
Another change that has been announced is the decision to prohibit the completion of authority confirmation requests initiated from iframe blocks downloaded from another domain.
The change will allow blocking some abuses and moving to a model in which authorization is requested only from the main domain of the document, which is displayed in the address bar.
Another notable change in Firefox 70 it will stop playing the content of the files uploaded via ftp.
When opening resources via FTP, downloading files to disk will now be forced to start, regardless of the file type (for example, when opened via ftp, images, README and html files will no longer be displayed).
In addition, in the new version, a location access indicator will appear in the address bar, allowing you to visually assess the activity of the geolocation API and, if necessary, revoke the site's right to use it.