Except where noted, everything here applies to both Firefox 87 and the Firefox 78.9 ESR.
- (Firefox 87 only) Corporations that use TLS client certificates can flip the network.cors_preflight.allow_client_cert preference to get Google Chrome-compatible handling of the CORS protocol. In particular, contrary to the Fetch Standard, this will transmit TLS client certificates along with a CORS preflight. See bug 1511151 for more information.
- The policies.json file is no longer ignored if policies are specified via GPO (Windows) or configuration profiles (macOS). The policies are combined with GPO or configuration profile taking precedence over policies.json where there are conflicts.