The Security subsection of the Wikipedia page for Firefox begins like this:

Firefox allowed for a sandbox security model to manage privileges accorded to JavaScript code, but that feature has since been deprecated.

That sounds really scary, but it’s not exactly true. Why should that be the very first thing mentioned, and how long has it been like that?

This is a story about how changing technology and imprecise terminology can lead to misunderstandings. Despite having closed most of the security and performance gap with Chrome, Firefox is today in a precarious position after many years of declining use. Communicating accurately with users in places like Wikipedia is important for helping shape public perception.

6 January 2005, user Minghong writes an introduction to security in Firefox, stating that Firefox was designed with security in mind and noting a sandbox security model, the same origin policy, and external protocol whitelisting. No reference is given at that time for the sandbox security model.

21 December 2006, user Schapel adds a citation to support Firefox using a sandbox security model. It is an article on developer.mozilla.org titled Bypassing Security Restrictions and Signing Code. The article is a technote intended for developers who might want to bypass security checks for testing purposes. It contains instructions for disabling code signing requirements in order to experiment locally without a certificate. The only mention of a sandbox is in the introduction:

Often it may be necessary to deploy or test code that has to function beyond the safe “sandbox” security zone of the browsing environment.

1 September 2008, Google announces Chrome. The blog post and associated comic by Scott McCloud will change the meaning of sandboxing in the context of browsers.

14 July 2011, The Bypassing Security Restrictions and Signing Code technote is now deprecated. Later revisions to the page will note that the Privilege Manager feature was deprecated in Firefox 12 and disabled in Firefox 17. That is not to say Firefox had a sandbox security model that was disabled in Firefox 17! This is specifically about an old feature that allowed loading pages from inside signed JAR files using a special URI syntax like jar:http://www.site.com/myjar.jar!/signed.html and requesting expanded privileges. For a while signed JavaScript could request permission from the user to create, read, modify, or delete files on hard disks or other storage media connected to your computer. Now it can’t.

21 December 2016, user BigSmallCat removes the statement about Firefox using a sandbox security model, making a note on the talk page explaining that Firefox does not yet implement a sandbox as the term was understood at that time.

21 December 2016, user Walter Görlitz reverts the change made by BigSmallCat, reasoning that if there is a reference then there must have been a security sandbox at one point, but the reference used that word only in passing and with a different meaning. The edits by BigSmallCat reflected changes in the understanding of the meaning of the word “sandbox” in the context of web browsers after the release of Chrome.

On the talk page, Walter Görlitz tells BigSmallCat to “stop removing referenced content. It’s not wrong to say it was sandboxed as the reference supports it,” but they’re not really talking about the same kind of sandboxing and the reference provided was not directly related to the topic.

14 November 2017, improvements are made to the content process sandbox in Firefox 57. The work to split the work of the browser into multiple processes and sandbox them unfolded over many years, but Firefox’s security section on Wikipedia credits the browser as “[beginning to use] a sandbox to isolate web tabs from each other” in November 2018. The introductory statement at the top of that section still describes Firefox’s sandbox security model as deprecated.

26 January 2021, Firefox 85 drops support for Adobe Flash. Other plugins were disabled after Firefox 52. There are no more applets so one original sense of the word sandbox in the context of browsers is now gone.

Considering all of the above, a misunderstanding arose in 2005 when Firefox was described as having a sandbox security model without referring to a specific feature. Later, a page that only incidentally used the word sandbox was added as a citation. When the obscure feature described by that page – a security bypass for testing and development – was removed later editors erroneously concluded that Firefox no longer has a sandbox security model to isolate code. The word sandbox could variously refer to the same origin policy, Sandboxed Applets, the sandbox attribute for iframes, the content security policy, or (most commonly) Practical Windows Sandboxing. It’s distressing to read that Firefox doesn’t have one anymore at the very top of the security section!