Software-update: Pale Moon 29.4.0

Versie 29.4.0 van Pale Moon is uitgekomen. Deze webbrowser is ooit begonnen als een fork van Mozilla Firefox. Door optimalisaties voor moderne hardware en het weglaten van Accessibility features en Parental Controls presteerde hij toen een stuk beter. Ook was er een 64bit-versie beschikbaar, ruim voordat Mozilla deze zelf aanbood. Sinds Mozilla in versie 57 is overgestapt op Quantum, is er echter weinig meer dat de twee browsers nog verbindt.

Vlak voordat Mozilla met Quantum kwam, heeft het Pale Moon-ontwikkelteam de sourcetree van Firefox nog een keer geforkt en er de verbeteringen van Pale Moon aan toegevoegd. Zo is er bijvoorbeeld de lay-outengine Goanna, een fork van Gecko, waarvan nu de vierde generatie uit is. Daarnaast is er het Unified XUL Platform, dat kan worden beschouwd als een tegenhanger van het op Chromium gebaseerde Electron. De download van Pale Moon is alleen in het Engels; een apart Nederlands taalbestand is beschikbaar. Sinds versie 29.2.1 zijn de volgende veranderingen en verbeteringen aangebracht:

Changes in version 29.4.0

• Implemented promise.allSettled().
• Implemented global origin on windows and workers.
• Improved performance of memory allocations.
• Updated libcubeb to the current development version.
  This improves OSS compatibility and addresses potential crashes, performance issues and security issues.
• Updated SQLite to 3.36.0.
• Improved thread safety of the web content cache. DiD
• Added several fixes to avoid potential crashes and security issues. DiD
• Unified XUL Platform Mozilla Security Patch Summary: 5 DiD, 12 not applicable.

Changes in version 29.3.0

• "Web Developer" is now called "Developer Tools" in the menus.
• Updated and aligned about:home, the QuickDial page and logopage styling.
• Re-organized the privacy category in the preferences window.
• Enabled brotli compression for http for sites that support it. See implementation notes.
• Implemented EventTarget as a constructor.
• Updated Windows 10 toolkit styling.
• Updated the port blacklist (removed 10080). See implementation notes.
• CSS: Implemented calc() and animation support for stroke-dashoffset.
• Added support for checking boolean preferences to chrome CSS style sheets, to support more advanced theming options.
• Added support for dynamic dark color capable themes in CSS.
• Updated ResizeObserver implementation to a more recent specification. See implementation notes.
• Removed a metric ton of Macintosh code.
• Removed obsolete system theme support from the layout engine.
• Fixed several crashes.
• Linux: blocked particularly old versions of Mesa/Nouveau drivers due to issues.
• Security issues addressed: CVE-2021-30547 and several other issues that don't have a CVE number.
• Unified XUL Platform Mozilla Security Patch Summary: 3 fixed, 3 DiD, 2 deferred (DiD), 12 not applicable.

Implementation notes:

• Brotli compression (introduced a few years back) has originally been restricted to https only in web browsers because there was some concern about interaction with middleware boxes with poor design trying to transparently recompress data not recognizing the new compression stream type and causing failures. The kind of processing done in those boxes (SDCH) has long since been deprecated. Since then, the segregation for Brotli between http and https has been maintained by Chrome and Firefox as a vessel to further promote https over http by artificially keeping http less efficient (denying the use of the more dense Brotli compression). Since there is no technical reason not to enable Brotli over http, we will accept (by way of Accept-encoding) Brotli over plain http from this version on, offering up to 20% less bandwidth use when servers also support it.
• We maintain a blacklist of ports that should not be addressed from a browser (primarily to prevent scripted abuse). Not too long ago we updated these ports with a number of additional (higher range) ones, including port 10080 (Amanda). Unfortunately there is too much overlap with other common services/devices that also use this (arbitrarily chosen) port, so we've removed this particular port again from our blacklist.
• The ResizeObserver implementation was changed to now support the updated specification for this API, including the experimental properties contentBoxSize and borderBoxSize which allows finer control to respond to size changes of elements. The old spec sizing property of contentRect remains supported for web compatibility.