WTF no comment on webassembly?
Suddenly get a whole new (compiled) code execution environment like the ones oracle and adobe have been getting wrong over and over for decades and no one blinks an eye?
What are the chances this doesn't have exploitable vulnerabilities and why the hell should we all be forced to take the risk when there is barely any webassembly content to benefit from?
My recommendation for a couple of years would be
about:config
javascript.options.wasm;false
unless you have particular reason to want webassembly.
Biting the hand that feeds IT
