Super fast Goanna-based browser designed for the best possible performance

Pale Moon (64-bit)

Join our mailing list

Stay up to date with latest software releases, news, software discounts, deals and more

Download Pale Moon 27.7.0 (64-bit)

Pale Moon (64-bit)

 -  100% Safe  -  Open Source

What's new in this version:

Changes/fixes:
- Reorganized access to preferences (moved to the Tools menu on Linux, and renamed from "Options" to "Preferences" on Windows)
- Renamed "Restart with add-ons disabled" to "Restart in Safe Mode" to better reflect what it does
- Worked around an issue with some improperly-encoded PNG files not decoding after our libpng update
- Fixed an issue on Mac builds not properly populating the application menu
- Added "My home page" as an option for new tabs
- Added an option to disable the 4th and 5th mouse buttons (Windows)
- (mouse.button4.enabled and mouse.button5.enabled, respectively)
- Improved the resetting of non-default profiles
- Fixed an issue with details/summary having the incorrect height if floated, breaking layouts
- Made several more improvements to the details/summary tags to align them with the current spec and fix some additional bugs
- Implemented support for flex/columnset contents inside buttons to align its behavior with other browsers
- (this should fix layout issues with Twitch's new web interface)
- Fixed an issue where CSS clone operations would draw a border
- Changed the way fractional border widths are rounded to provide more natural behavior
- Fixed an issue where number inputs would incorrectly be flagged as read-only
- Added assets for tile display in the Windows start panel
- Finished sync infra swapover by adding a one-time pref migration for server used
- Improved WebAudio API: Return the connected audio node from AudioNode.connect()
- Added support for a default playback start position in media elements
- Fixed an assert in cubeb-alsa code (Linux).
- Added support for media cue-change events (e.g. subtitles)
- Updated SQLite to 3.21.0
- Fixed a crash when trying to use the platform embedded
- Fixed devtools (gcli) screenshots on vertical-text pages
- Fixed devtools copy as cURL for POST requests
- Improved the HTML editor component (several bugfixes)
- Added support for ES7's exponentiation a ** b operator
- Fixed an issue with arrow functions incorrectly creating an 'arguments' binding
- Added Javascript's ES6 "unscopables"

Security/privacy fixes:
- Disabled automatic filling in of log-in details by default to prevent potential risks of credentials being abused (e.g. for tracking) or stolen
- Added a preference (in the category security) to easily enable or disable automatic filling in of log-in data
- Removed the sending of referrers when opening a link in a new private window
- Added an option to disable the page visibility Web API (dom.visibilityAPI.enabled), allowing users to prevent pages from knowing whether they are being actively displayed to the user or not
- Removed the "ask every time" policy for cookies. For granular control, please use any of the excellent available extensions to regulate cookie use on a per-site or per-url basis
- Added support for X-Content-Type-Options: nosniff (for scripts)
- Changed the resolution of performance timers to a level where any future potential abuse for hardware-timing attacks becomes impractical. DiD (DiD This means that the fix is "Defense-in-Depth": It is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered)



Join our mailing list

Stay up to date with latest software releases, news, software discounts, deals and more