Released on August 10, Firefox 91 delivers HTTPS by Default in Private Browsing mode and an enhanced cookie clearing option.
Increased security with HTTPS by Default
HTTP over TLS (HTTPS) encrypts the data (personal info, passwords, etc.) sent between web browsers and websites so that attackers on the network can’t view it, grab it or modify it.
“While there remain many websites that don’t use HTTPS by default, a large fraction of those sites do support the optional use of HTTPS. In such cases, Firefox Private Browsing Windows now automatically opt into HTTPS for the best available security and privacy,” Mozilla explained.
“In the cases where the website does not support HTTPS, Firefox will automatically fall back and establish a connection using the legacy HTTP protocol instead.”
While this behavior is now the default in Private Browsing mode, Firefox users will have to wait a few more months for it to be introduced in the “regular” browsing mode.
Private Browsing mode prevents the browser from storing your browsing information (such as history and cookies). “It helps you obscure your online activity from other people who use Firefox on your computer, but does not make you invisible online,” Mozilla notes.
You can set Firefox to use Private Browsing by default in Firefox’s Preferences (> Privacy & Security > History > Use custom settings for history > Always use private browsing mode).
As a side-note: Google has announced the introduction of HTTPS-First Mode (as an opt-in option) in the upcoming Chrome v94.
Increased privacy with Enhanced Cookie Clearing
Until now, Firefox stored cookies and data set by websites into separate “cookie jars” (per website), but “emptying” those would result in the clearing of only those set by the websites, and not the ones stored by sites embedded on it (e.g., facebook.com).
The new Enhanced Cookie Clearing option allows you to simultaneously delete all data a website AND third parties embedded in that website have stored on your computer.
The feature works only if you have Strict Tracking Protection enabled.
“Once enabled, Enhanced Cookie Clearing will be used whenever you clear data for specific websites. For example, when using ‘Clear cookies and site data’ in the identity panel (lock icon) or in the Firefox preferences,” Mozilla explained.
“If you not only want to remove a site’s cookies and caches, but want to delete it from history along with any data Firefox has stored about it, you can use the ‘Forget About This Site’ option in the History menu,”