Content Isolation

Firefox lacks support for a fork server that can deduplicate memory when using different sandboxing mechanisms, not controlled by firefox.

On Android, the Zygote is the process spawning subprocesses, and it is used for app sandboxing and browser sandboxing. It deals with deduplicating memory so apps can share the same resources even though they are isolated.

On Linux with Flatpak you have a similar scenario, while the Flatpak sandbox is way less low level compared to the Android sandbox (Android uses SELinux and unix users, Flatpak uses user namespaces).

Firefox now started to work on it. If you use Ironfox, there is a setting where you can enable content isolation and zygote usage, and so far it "just works" for me! So it seems they are working on a fork server.

There was an announcement, and there are bugzilla issues on this matter.

So yes, currently on Android a Chromium based Browser (that actually uses the whole capabilities of Chromium on Android, which some browsers that just use the Webview may not) is still more secure, as it neatly integrates with the zygote and UUID sandbox native to Android.

But Firefox is closing in. I daily drive Ironfox and recommend donating to the project.

Content Filtering

Keep in mind that Firefox has UBlock Origin and thus access to very powerful content filtering.

While blocklist-based filtering is natively integrated in Brave, Cromite and Vanadium too, this is generally a bad approach as it follows "badness enumeration". It lists all the bad things and the moment a new thing appears, you are 🦆ed.

But it does not require any user tweaking and can thus be implemented easily without the need to actually offer user control (apart from an on/off switch maybe).

UBlockOrigin allows to use the "expert mode" where you can disable everything by default. Then you allow content per domain, for this site only or globally. It lacks the "content type header" filtering of NoScript (like Images, CSS, Javascript), but both together are very slow, and uMatrix (which combined them) is dead with no actively maintained forks (sadly).

It looks like this:

This allows to easily prevent malicious code from running at all. If you dont make mistakes, this could eliminate the need for any sandbox (but as you have to allow all sorts of shit or the horrendous modern web doesnt work, you need one anyways).