CDHaha Download

Basilisk is a free and Open Source XUL-based web browser, featuring the well-known Firefox-style interface and operation. It is based on the Goanna layout and rendering engine (a fork of Gecko) and builds on the Unified XUL Platform (UXP), which in turn is a fork of the Mozilla code base without Servo or Rust.

Basilisk as an application is primarily a vessel for development of the XUL platform it builds upon, and additionally a potential replacement for Firefox to retain the use of Firefox Extensions.

Basilisk is development software. This means that it should be considered more or less “beta” at all times; it may have some bugs and is provided as-is, with potential defects. Like any other Free Software community project, it comes without any warranty or promise of fitness for any particular purpose. That being said: of course we will do our best to provide an as stable and secure browser as possible with every official release of Basilisk.

It should be noted that because of this focus on platform development, the browser itself (the application code) will be released and maintained mostly as-it-is, with very little change or development on the user interface or browser front-end features.

Basilisk is a modern, full-featured web browser and as such requires a reasonably modern system to properly run.
Windows requirements

Windows 7 or later. Windows XP or Windows Vista are not supported.
1GB of RAM (2GB or more recommended for heavy use).
Dedicated GPU strongly recommended.
A modern processor (must have SSE2 support as the absolute minimum)

Important differences with Mozilla Firefox:

Uses Goanna as a layout and rendering engine. Goanna behaves slightly differently than Gecko in certain respects and may result in different display of web pages. e.g.: Goanna renders gradients in a more accurate color space (non-premultiplied).
Builds on UXP, our XUL platform in development. As such XUL is alive and well in this browser and will not be deprecated.
Has some long-standing known issues with the Mozilla code-base fixed (e.g. CVE-2009-1232).
Does not use Rust or the Photon user interface. You can expect a familiar interface as-carried by Firefox between v29 and v56.
Does not use Electrolysis (e10s, multi-process browsing).
Does not require walled-garden extension signing.

These release notes are summaries of the most important changes for public releases.

v2026.01.23
Published 2026-01-23

UXP Changes:
Allow themes to detect Windows 11 usage.
Implemented WeakRef.
Implemented URL.canParse().
Implemented the inset-block and inset-inline CSS shorthands.
Added a preference (privacy.forgetaboutsite.clearPasswords) to control clearing of passwords when using “forget about this site” in the permissions manager, and disabled clearing of passwords by default, since it was considered unexpected behavior by the community.
Re-landed CSS Cascade Layers support after the previous back-out.
Re-landed CSS color-mix support after the previous back-out. RGB and HSL color spaces only, like previous.
Implemented viewport overflow propagation logic. See implementation notes.
Unprefixed CSS -moz-appearance; Basilisk now accepts the unprefixed CSS appearance keyword. For compatibility, -moz-appearance and -webkit-appearance (if enabled) have been retained.
Fixed an intermittent but fairly prominent crash-to-desktop due to JavaScript garbage collection on certain modern sites.
Fixed a crash on sites with certain types of CSP handling.
Fixed a crash in WASM.
Updated NSS to 3.90.9 (custom).
Updated ICU to v78.1.
Added support for building on Sparc64 hardware.
Added support for building for NetBSD on DEC Alpha.
Added basic support for building on Mac PowerPC (still a work in progress).
Added basic support for building on LoongArch64 hardware (龍芯 CPUs).
Added support for running on FreeBSD 15.
Removed automatic coloring of auto-filled login fields.
Restored support for in-process NPAPI plugins.
Improved JavaScript IonMonkey stability on ARM and Mac SoC hardware.
Built on UXP commit: f272382a9c
Security issues addressed: CVE-2025-13015, CVE-2026-0879 (DiD), CVE-2026-0880 (DiD), CVE-2026-0889 (DiD), CVE-2026-0883, CVE-2026-0886 (DiD), and several others without a CVE designation.

Basilisk Changes:
Change dom.always_stop_slow_scripts pref to true by default
Implement internal polyfill loader based on Greasemonkey to help with compatibility when UXP does not support specific JS features.
Update PDF.js to v3.11.174.
Restore official branding files back to Basilisk repo.
Make List All Tabs button removable and always visible.
Implement Firefox’s “Container Tabs” functionality.
Introduced LoongArch64 builds. These are built on Slackwareloong64.

Included Polyfills:
This release includes the following polyfills:
image.decode
Intl.DisplayNames
TextEncoderStream
ReadableStream pipeTo
ReadableStream pipeThrough
FinalizationRegistry

Basilisk Update Notes:
There may be situations in which the “restore session” functionality does not correctly assign restored tabs to the container in which they were used. If this happens to you please report the exact steps to reproduce.
PDF.js v3.11.174 was chosen because it is the last version not to use JS Modules.
PDF.js has the following changes applied:
Fix for CVE-2024-4367 (isEvalSupported set to false by default).
Disabled XFA by default.
Disabled execution of arbitrary JavaScript in all PDF files by default. I was just as horrified as you are to learn that this exists and is an actual spec.
CSS and JS fixes as needed to make it render and work correctly in UXP-based browsers.
Releases on all platforms other than Windows are now built with Clang + Thin LTO for improved performance.

UXP Implementation Notes:
The WeakRef spec only allows code to hint/coerce and does not guarantee if or when dereferencing happens.
A number of sites have started using overflow-x: clip without overflow-y on full-document elements. While this makes little sense, our strict implementation previously resulted in unscrollable pages. There is special viewport overflow propagation logic in the relevant drafts which we have now implemented to avoid this behavior.