Basilisk 2024.02.03

Aller sur le site officiel

Basilisk est un navigateur internet "laboratoire", c'est-à-dire, que les développeurs le considère comme toujours en phase "bêta". Originellement crée par les développeurs de MoonChild Productions, éditeur du navigateur Pale Moon, il était destiné à tester certaines fonctions avant intégration à Pale Moon. Désormais, depuis août 2022, Basilisk vole de ses propres ailes grâce à une nouvelle équipe.

Toujours clone de Firefox et basé sur le moteur Goanna (fork de Gecko), cette nouvelle équipe continuera à développer le code (basé sur XUL) abandonné par l'équipe de Mozilla lors du basculement de Firefox 56 à 57 tout en le modernisant.

De ce fait, Basilisk est désormais un navigateur totalement indépendant et suit donc son propre rythme de mise à jour. Il est cependant disponible que sur Windows (à partir de Windows 7) et Linux. Une version compatible pour macOS ARM (M1/M2) est en préparation...

Basilisk
Version actuelle : 2024.02.03 - Voir les extensions disponibles
[🇺🇸] : Windows 32 bits, 64 bits | Linux

Notes de version de Basilisk 2024.02.03 (03/02/2024)

This is a new milestone release.

  • Implemented a restricted version of the asynchronous clipboard API (navigator.clipboard). This API is restricted to writing only for obvious security considerations. It supports both plaintext and the standard DataTransfer methods. We did not implement the reinvented wheel concept of ClipboardItem objects.
  • Implemented support for SHA-2 (SHA-256/SHA-512/etc.) signatures for OCSP stapled responses.
  • Implemented PromiseRejectionEvent. Although this is rarely actually used, some common JS libraries (you know who you are!) use it as a feature level canary and start loading (broken!) Promise shims if it is not found, causing compatibility issues and broken websites due to the shims.
  • Aligned microtasks and Promises scheduling with the current spec and expected behavior.
  • We now no longer send click events to top levels of the document hierarchy when using non-primary buttons (use auxclick, instead, to capture these events).
  • Greatly improved the performance of box shadows.
  • Greatly improved the performance of file/data uploads over HTTP/2 (most of the secure websites out there).
  • Fixed several issues related to focus and content selection.
  • Fixed issues with the use of focus-within caused by unexpected processing of DOM events.
  • Fixed an issue with CSP not behaving as-expected when using importScripts(), and fixed a number of additional CSP-related issues.
  • Fixed a web compatibility issue with CORS preflights not sending the original request's referrer policy or referrer header.
  • Fixed a spec compliance issue with StructuredClone.
  • Fixed a crash due to clamping code introduced for SetInterval and SetTimeout timers.
  • Fixed crashes when dynamic imports are canceled (e.g. by navigation).
  • Changed <input type=file> to now have its .files property be writable following a spec change and recommendation.
  • We are now requiring and building against the C++17 language standard.
  • Updated the in-tree ffvpx lib to 6.0.
  • Added a preference to allow users to completely disable reporting of CSP errors to webmasters. Using this is strongly discouraged as it will provide essential troubleshooting information to webmasters setting up CSP, and does not pose a privacy issue, but for those who really want it, it can now be fully disabled. The preference is security.csp.reporting.enabled.
  • Updated the IntersectionObserver interface to now also accept documents for the observer root instead of only HTML elements.
  • Cleaned up various bits of code surrounding GMP, memory allocation, system libraries, vestigial Android code, freetype2 and developer tools.
  • Improved efficiency of handling D3D textures.
  • Added initial and experimental Mac PowerPC and Big Endian support.
  • Added preferences for the user to control whether or not the tab page title should be included in the window title or not. In Private Browsing mode, the default is now to not show the title in the window. This was done to avoid potential leakage to system logs (e.g. GNOME shell logs or Windows event logs) of websites visited through the recorded window title. The new preferences are privacy.exposeContentTitleInWindow and privacy.exposeContentTitleInWindow.pbm for normal mode and Private Browsing mode, respectively.
  • Fixed several crashes in DOM and relating to dynamic JavaScript module imports.
  • Removed a restriction on Fetch preflight redirects, following a spec update.
  • Improved the handling of web workers if they get aborted mid-action.
  • Linux releases on both x86_64 and aarch64 are now built with GCC 11 and Oracle Linux 8.
  • Linux aarch64 releases are no longer considered to be in beta. Autoupdates will now work for Linux aarch64 builds moving forward.
  • Linux aarch64 builds are now available with both GTK2 and GTK3.
  • Refactored easy build shell script to use Oracle Linux 8 and GCC 11.
  • Refactored easy build shell script to work on both x86_64 and aarch64.
  • Changed some default Basilisk networking preferences to better respect privacy and security out of the box.
  • Fixed broken security section in the Page Info window.
  • Security issues addressed: CVE-2023-6863, CVE-2023-6858, CVE-2024-0746, CVE-2024-0741, CVE-2024-0743 DiD, CVE-2024-0750 DiD, and CVE-2024-0753.
  • UXP Mozilla security patch summary: 7 fixed, 4 DiD, 1 rejected (which was DiD at best), 34 not applicable.
Notes de versions complètes de Basilisk