Firefox 145 for developers
This article provides information about the changes in Firefox 145 that affect developers. Firefox 145 is the current Nightly version of Firefox and ships on November 11, 2025.
Note: The release notes for this Firefox version are still a work in progress.
Changes for web developers
Changes for add-on developers
- Cookies created with
cookies.set()are now validated, and invalid cookies are rejected. This change was implemented in Nightly only from Firefox 142. (Firefox bug 1976509)
Experimental web features
These features are shipping in Firefox 145 but are disabled by default.
To experiment with them, search for the appropriate preference on the about:config page and set it to true.
You can find more such features on the Experimental features page.
-
Trusted Types API for scripts (Early Beta):
dom.security.trusted_types.enabledThe Trusted Types API is now fully implemented. (Firefox bug 1976656).
The changes include:
- Addition of new interfaces
TrustedTypePolicyFactory,TrustedTypePolicy,TrustedHTML,TrustedScript,TrustedScriptURL, and thetrustedTypesproperty onWindowandWorkerGlobalScope - Updates to injection sink APIs, such as
Element.innerHTMLanddocument.write(), to allow theTrustedHTML,TrustedScript,TrustedScriptURLto be passed as well as strings. - Support for the
require-trusted-types-fordirective of theContent-Security-PolicyHTTP header. This can be used to enforce that trusted types used instead of strings (or use a default policy). - Support for the
trusted-typesdirective of theContent-Security-PolicyHTTP header. This can be used to restrict the allowed names of trusted type policies defined in the page.
- Addition of new interfaces