Mozilla says that starting with Firefox 91, users will be able to fully erase the browser history for all visited websites, thus preventing privacy violations due to “sneaky third-party cookies sticking around.”
“When you decide to tell Firefox to forget about a website, Firefox will automatically throw away all cookies, supercookies and other data stored in that website’s cookie jar,” Mozilla said.
“This ‘Enhanced Cookie Clearing’ makes it easy to delete all traces of a website in your browser without the possibility of sneaky third-party cookies sticking around.”
HTTPS enabled by default in private browsing
Mozilla also announced today that, starting with Firefox 91, private browsing windows will automatically switch to secure HTTPS connections by default.
By upgrading all connections to HTTPS, Mozilla aims to protect users from man-in-the-middle (MITM) attacks trying to snoop on or alter data exchanged with web servers over the unencrypted HTTP protocol.
“Whenever you enter an insecure (HTTP) URL in Firefox’s address bar, or you click on an insecure link on a web page, Firefox will now first try to establish a secure, encrypted HTTPS connection to the website,” Mozilla explained.
“In the cases where the website does not support HTTPS, Firefox will automatically fall back and establish a connection using the legacy HTTP protocol instead.”
Mozilla has added an HTTPS-Only Mode starting with Firefox 83 to secure web browsing by rewriting URLs to use HTTPS (even though this feature is disabled by default, it can be easily enabled from the browser’s settings).
Microsoft Edge can also be configured to switch secure HTTPS connections when connecting over HTTP by enabling an experimental Automatic HTTPS option available in the Canary and Developer preview channels.
In April, Google updated Chrome to default to HTTPS for all URLs typed in the address bar if the user doesn’t specify a protocol.
According to Mozilla, while browsing the web in private mode, Firefox defends your privacy using several privacy protection technologies, all enabled by default: