Basilisk is a free and Open Source XUL-based web browser created by the developers of the Pale Moon browser. It is based on the Goanna layout and rendering engine (a fork of Gecko) and builds on the Unified XUL Platform (UXP), which in turn is a fork of the Mozilla code base without Servo or Rust.
Basilisk as an application is primarily a vessel for development of the XUL platform it builds upon, and additionally a potential replacement for Firefox to retain the use of Firefox Extensions. It aims to retain useful technologies that its sibling Firefox has removed.
Requires Windows 7 or later. Windows XP or Windows Vista are not supported.
- Support for all NPAPI plugins (Unity, Silverlight, Flash, Java, authentication plugins, etc.).
- Support for XUL/Overlay Mozilla-style extensions.
- Experimental support for WebExtensions (in gecko-target mode). Please note that some Mozilla-specific WebExtension APIs are not yet available.
- Support for ALSA on Linux.
- Support for WebAssembly (WASM).
- Support for advanced Graphite font shaping features.
- Support for modern web cryptography: up to TLS 1.3, modern ciphers, HSTS, etc.
Important differences with Mozilla Firefox:
- Uses Goanna as a layout and rendering engine. Goanna behaves slightly differently than Gecko in certain respects and may result in different display of web pages. e.g.: Goanna renders gradients in a more accurate color space (non-premultiplied).
- Builds on UXP, our XUL platform in development. As such XUL is alive and well in this browser and will not be deprecated.
- Has some long-standing known issues with the Mozilla code-base fixed (e.g. CVE-2009-1232).
- Does not use Rust or the Photon user interface. You can expect a familiar interface as-carried by Firefox between v29 and v56.
- Does not use Electrolysis (e10s, multi-process browsing).
- Does not require walled-garden extension signing.
Basilisk 2018.06.01 changelog:
This is a development and security release.
- Updated our strings for soft-blocked items so people will cry less when we do our job and warn about known-problematic add-ons.
- Fixed a regression in site-specific user-agent overrides that would prevent proper application on subdomains.
- Improved the reader view API.
- Removed more dead code from our tree (crashreporter components, gonk).
- Removed DMD code.
- Removed jprof profiler code.
- Removed the SPS profiler.
- Slimmed down IPC (ongoing).
- Removed the Social API code.
- Fixed some media back-end crashes and instabilities.
- Updated the fetch API to be more web-compatible.
- Limited maximum accepted image sizes for PNG images to prevent abuse/browser DoS.
- Blocking of top-level data: navigations is now enabled by default.
- Fixed security issues: CVE-2017-0381, CVE-2018-5174, CVE-2018-5155, CVE-2018-5173, CVE-2018-5177, CVE-2018-5159, CVE-2018-5167, CVE-2018-5154 and CVE-2018-5178.
- Fixed a number of stability and memory safety hazards that do not have CVE numbers.
Get alerted to all of our Software updates on Twitter at @NeowinSoftware