They are both very important but I don't believe that is true.
I found an xpi extension on bugzilla before the first leadership change that I can't fucking find anymore.
It blocks silent cross-site Authentication Header cookies that you CANNOT normally block. They are SuperCookies. The site can silently "authenticate" without your knowledge creating a basic auth authentication "Supercookie" that is remembered and retained until browser exit (Or possibly remembered by your Session saver extension if so configured) and can be used to bypass the normal cookies that Mozilla has been making "easier" to disable, ha, har har, har.
The extension is called authtest.xpi.
Another that to my knowledge hasn't been ported to Firefox yet is WindowNameEraser which conditionaly clears window.name between transitioning sites. Please check out ip-check.info to see the authtest/Authentication Header and Window Name in action as a proof of concept. Also if not already known panopticlick.eff.org, and browserspy.dk. There are others but I don't have the exhaustive list handy.
Then there is geo location/positioning, canvas, webrtc, visited links (Still not fucking fixed and known about since Phoenix/Gecko/Firefox 1 ), cache. Still firefox aside from Torbrowser or Jondo is the most *secureable* browser out there. What ever security "gains" you get with Chrome OR Chromium fly out the window wrt ip-check.info.
What is a good site to share an extension on and forget about?