Fixes for Firefox 67 regression issue

Sami Ekblad
On May 27, 2019 12:55:00 PM
In Product

The Firefox 67 update, published on May 21, broke many web apps. The new Universal 2nd Factor API, now enabled by default, reserves a global variable called u2f. Updated Vaadin versions are now available.

The new Universal 2nd Factor API may break especially applications using JavaScript obfuscators and minifiers like GWT. As a result, for example, some Vaadin 7 and 8 applications may be broken with the latest Firefox 67. Some applications work to some extent, some break on start, some are unaffected. All Vaadin 10+ applications are verified to be unaffected.

To fix the issue, the u2f variable needs to be blacklisted and applications need to be re-compiled. The easiest way to do this is to update to the latest maintenance releases pushed out already today. Unaffected versions are 8.8.2 upwards and 7.7.19 upwards (covered by our extended support). GWT itself is not yet fixed, but we managed to figure out a workaround for the issue. See the GitHub issue for more details or contact our support in case you need to patch your GWT or older Vaadin 6 application.

Sami Ekblad
Sami Ekblad is one of the original members of the Vaadin team. He is now working as a framework advocate, and you can find many add-ons and code samples to help you get started with Vaadin. Follow at – @samiekblad
Other posts by Sami Ekblad