Basilisk is a free and Open Source XUL-based web browser created by the developers of the Pale Moon browser. It is based on the Goanna layout and rendering engine (a fork of Gecko) and builds on the Unified XUL Platform (UXP), which in turn is a fork of the Mozilla code base without Servo or Rust.
Basilisk as an application is primarily a vessel for development of the XUL platform it builds upon, and additionally a potential replacement for Firefox to retain the use of Firefox Extensions. It aims to retain useful technologies that its sibling Firefox has removed.
Requires Windows 7 or later. Windows XP or Windows Vista are not supported.
- Support for all NPAPI plugins (Unity, Silverlight, Flash, Java, authentication plugins, etc.).
- Support for XUL/Overlay Mozilla-style extensions.
- Experimental support for WebExtensions (in gecko-target mode). Please note that some Mozilla-specific WebExtension APIs are not yet available.
- Support for ALSA on Linux.
- Support for WebAssembly (WASM).
- Support for advanced Graphite font shaping features.
- Support for modern web cryptography: up to TLS 1.3, modern ciphers, HSTS, etc.
Important differences with Mozilla Firefox:
- Uses Goanna as a layout and rendering engine. Goanna behaves slightly differently than Gecko in certain respects and may result in different display of web pages. e.g.: Goanna renders gradients in a more accurate color space (non-premultiplied).
- Builds on UXP, our XUL platform in development. As such XUL is alive and well in this browser and will not be deprecated.
- Has some long-standing known issues with the Mozilla code-base fixed (e.g. CVE-2009-1232).
- Does not use Rust or the Photon user interface. You can expect a familiar interface as-carried by Firefox between v29 and v56.
- Does not use Electrolysis (e10s, multi-process browsing).
- Does not require walled-garden extension signing.
Basilisk 2018.04.24 release notes:
This is the first release on the re-forked and re-based UXP. Regressions are possible as a result.
- New release based on UXP (take 2) which is an earlier Mozilla fork-point.
- Implemented (in ongoing fashion) additional spec compliance patches for HTML, DOM and various other standards.
- Includes all previous security fixes.
- Added blocking of top-level data: URLs.
- Fixed several issues with docshell loads.
- Resolved issues with application.ini not allowing non-mcp applications to be official and have their own vendor.
- Regression fix: WebExtensions - commands API does not support shortcuts with space or numbers.
- Regression fix: Set a sandboxName on the WebExtensions Content Script sandboxes.
- Regression fix: (Windows) Security - Certificate Stores - NSSCertDBTrustDomain allows end-entities to be their own trust anchors.
- Regression fix: Re-implemented several improvements for pointer events.
- Regression fix: DOM - Fix incorrect TypeError: Response body is given with a null body status.
- Re-introduced some site-specific overrides that were erroneously removed (fixes e.g. dailymotion).
- Regression fix: Optimize operations on roots of deeply-nested frame trees (layout performance).
- Tweaked fullscreen API settings (add unprefixed API calls, remove too-long duration black fade).
- Removed Google Safebrowsing selections from preferences by default (it's disabled).
- Reverted the incomplete addition of the pluralforms Intl API as it caused problems.
Get alerted to all of our Software updates on Twitter at @NeowinSoftware