The Cross-Origin Resource Policy (CORP) header is employed by developers to protect their website against cross-origin requests, or from outside the domain itself.

While CORP helps to safeguard against attacks like Spectre and Meltdown, which is a side-channel attack based on hardware vulnerabilities that held sway in early 2018 and resulted major efforts by browser vendors, and chip company such as Intel to provide patches.

Starting with Firefox 74, Mozilla has enabled support for CORP, an additional layer of protection beyond the default same-origin policy, which complements Cross-Origin Read Blocking (CORB), a mechanism that prevent cross-origin reading by default.

Security & Privacy focused features on Firefox 74


Along with CORP, Mozilla-baked Facebook Container, an add-on that locks a user's interactions on Facebook inside a separate container in the browser's memory, will get a boost with Firefox 74. So that anything within the container can't be tracked outside the container.

What this means is that even Facebook cannot track any of its users when browsing within the Facebook Container on Firefox 74, and also won't be able to follow them elsewhere on the web.

Albeit, Facebook Container isn't a new feature, as Mozilla launched it about two years ago. But Firefox 74 makes it possible for users to add custom sites to list that Facebook's credentials can be used to log on to, which on installment or upgrade, will be recommended as add-on by Mozilla.

Firefox 74 puts an End to Sideloading


Sideloading is a term that describes how third-party applications install associated add-on to Firefox browser. It has been an Achilles' heel to most browsers, that several makers have resorted to ban it outright, citing security concerns.

Mozilla had promised to also ban the practice, and Firefox 74 is the version that eventually drops support for sideloading. Going forward, Firefox users will need to take an explicit action in installing a sideloaded add-on on Firefox, and can also delete them from the Add-Ons Manager.

However, any add-on that was sideloaded previously would not be removed by Firefox, but it will not permit new sideload on Firefox 74. And Firefox 74 is available for download on Windows, macOS and Linux from Mozilla's official site.

Mozilla brings support for Cross-Origin Resource Policy (CORP) with Firefox 74



The Cross-Origin Resource Policy (CORP) header is employed by developers to protect their website against cross-origin requests, or from outside the domain itself.

While CORP helps to safeguard against attacks like Spectre and Meltdown, which is a side-channel attack based on hardware vulnerabilities that held sway in early 2018 and resulted major efforts by browser vendors, and chip company such as Intel to provide patches.

Starting with Firefox 74, Mozilla has enabled support for CORP, an additional layer of protection beyond the default same-origin policy, which complements Cross-Origin Read Blocking (CORB), a mechanism that prevent cross-origin reading by default.

Security & Privacy focused features on Firefox 74


Along with CORP, Mozilla-baked Facebook Container, an add-on that locks a user's interactions on Facebook inside a separate container in the browser's memory, will get a boost with Firefox 74. So that anything within the container can't be tracked outside the container.

What this means is that even Facebook cannot track any of its users when browsing within the Facebook Container on Firefox 74, and also won't be able to follow them elsewhere on the web.

Albeit, Facebook Container isn't a new feature, as Mozilla launched it about two years ago. But Firefox 74 makes it possible for users to add custom sites to list that Facebook's credentials can be used to log on to, which on installment or upgrade, will be recommended as add-on by Mozilla.

Firefox 74 puts an End to Sideloading


Sideloading is a term that describes how third-party applications install associated add-on to Firefox browser. It has been an Achilles' heel to most browsers, that several makers have resorted to ban it outright, citing security concerns.

Mozilla had promised to also ban the practice, and Firefox 74 is the version that eventually drops support for sideloading. Going forward, Firefox users will need to take an explicit action in installing a sideloaded add-on on Firefox, and can also delete them from the Add-Ons Manager.

However, any add-on that was sideloaded previously would not be removed by Firefox, but it will not permit new sideload on Firefox 74. And Firefox 74 is available for download on Windows, macOS and Linux from Mozilla's official site.

No comments