| 更新日誌 |
# Fixes/changes:
- The layout parser/renderer has received many updates with this change over to Goanna, improving web compatibility and standards compliance in many areas.
- The browser user interface has received updates, making it more compatible with Windows 10 in many respects and more in line with the general styles of the operating system version it is run on in terms of the shapes of controls and color setting.
- Updated graphics/media support: Pale Moon now supports the WebP image format, properly scales EXIF rotated JPEGs, has updated support for different WebGL texture formats, improved scaling of vector images, updated libpng, libjpeg-turbo, libvpx, and misc other upstream libraries/modules, and more!
- Library changes:
* The library now has a scope bar (pops up when searching) with the option to select what you want to search in (either bookmarks or history) and the option to save your searches.
* By default, there will be a history menu drop-down in the browser's user interface next to the bookmarks one.
* Added "Containing folder" and "Containing folder path" columns so you can see exactly where a bookmark is located at a glance when searching (after enabling the columns).
- Added support for Ruby annotations. If you need this functionality, set the about:config preference browser.ruby.enabled to true, and restart the browser.
- Added conservative image decoding: it will now only decode images that are (almost) in view, greatly improving overall memory use and initial loading of graphics-heavy pages.
- Aligned 3D CSS transforms and perspective with the spec.
- JavaScript improvements: added basic support for ES6 Promises, added element.matches(), updated property assignments, added Bin/Oct literals in Number(), improved performance of TypeOf calls, improved GC memory shrinking, improved memory allocations, improved RegEx performance and compatibility, and more!
- Added CSS media queries to determine the OS the browser is running on, allowing theme designers to make specific changes based on OS at run-time.
- Added a control preference for onunload= events as dom.disable_beforeunload. This allows you to completely disable events fired when leaving a page.
- Changed the memory allocator to the (faster) system allocator on modern operating systems.
- Improved the handling of very large numbers of tabs.
- Added Ecosia as a "green" search engine alternative for the environmentally aware surfer.
- Autoplay of media now has a separate control preference for scripted content as media.autoplay.allowscripted, to block script-initiated autoplay of media.
# Security updates:
- Added support for 128-bit Camellia-GCM ciphers in addition to the existing CBC ciphers to offer a more internationally diverse choice of secure encryption ciphers than just AES.
- Added an advanced, active XSS (cross-site scripting) filter. Pale Moon will now check for XSS attacks and block XSS content in the resulting pages. This is brand-new technology and feedback on this filter specifically (e.g. bugs, false positives, etc.) should be posted in the dedicated thread on the forum for this feature. Please also see that thread for details on how to use and control this filter.
- Distrusted several root certificates in accordance with security best practice.
- Aligned cookie acceptance with RFC 6265 §4.1.1. We still make an exception for allowing spaces and double quotes in cookie values, but this will be made more strict in the future for full spec compliance. If you are a web designer and use cookies, please verify that you are RFC compliant in terms of both cookie names and cookie values, or the browser may reject them.
- Removed several hazardous modules like the maintenance service and the identity module.
- Ported all security updates from Mozilla that are applicable/relevant to our code base (up to and including all security issues made known to us until now). Considering v26 has been kept updated over its long development until release, the list of fixes/CVEs would be too exhaustive to list in these release notes individually. |
