aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorcorvid <devnull@localhost>2015-07-03 00:40:45 +0000
committercorvid <devnull@localhost>2015-07-03 00:40:45 +0000
commit37deb338104c567d49813da18e1e0c340ba44378 (patch)
treeaa8ea29cc953d0d3b983ae3ba8e440a8567eeb77
parent138d6ec7c901bbacf78e9fe831fb24ff3457ca2d (diff)
hsts changelog
Diffstat
-rw-r--r--ChangeLog2
-rw-r--r--dillorc2
2 files changed, 3 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 007a724f..0bce658a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -27,6 +27,8 @@ dillo-3.1 [not released yet]
- Give images lower priority when requesting resources (responsiveness).
- Reuse of connections for HTTP (enable w/ http_persistent_conns in dillorc).
- Abort failed queries.
+ - HTTP Strict Transport Security (disable with http_strict_transport_security
+ preference in dillorc).
Patches: corvid
+- Doxygen fixes.
Patch: Jeremy Henty
diff --git a/dillorc b/dillorc
index fb37a86f..cd9a2f2a 100644
--- a/dillorc
+++ b/dillorc
@@ -192,7 +192,7 @@ search_url="Google http://www.google.com/search?ie=UTF-8&oe=UTF-8&q=%s"
# This mechanism allows servers to specify that they are only to be contacted
# through HTTPS and not HTTP.
#
-# On the whole, this is a valuable security measure against TLS stripping
+# Overall, this is a valuable security measure against TLS stripping
# attacks, etc., but in principle a site could contrive to use this as a
# tracking mechanism. The term is "HSTS super cookie", although note that these
* HSTS directives are not saved between browser sessions.