view doc/Cookies.txt @ 2048:5060d415a85a

clickable menu items (even those introducing submenus) MUST have callbacks I clicked on the "Panel size" item itself instead of any of the options in its submenu, and: Segfault!
author corvid <corvid@lavabit.com>
date Thu, 26 May 2011 02:51:18 +0000
parents 970b8815d82b
children 1b4d8d05173d
line wrap: on
line source
Jan 2002, Jörgen Viksell - jorgen.viksell@telia.com,
          Jorge Arellano Cid --
Last update: March 2010


==================
 Cookies in Dillo
==================

Dillo's cookies implementation is guided by ongoing work by the HTTP State WG
( http://www.ietf.org/dyn/wg/charter/httpstate-charter ) to specify current
real-world cookies usage.

Cookies are handled by a dpi (plugin) which shares them between your
instances of Dillo.

Currently, cookie limits are: 20 per domain, and 1200 in total.

When the dpi exits, cookies that you have ACCEPTed are saved to
~/.dillo/cookies.txt, and ACCEPT_SESSION cookies are forgotten.
The dpi normally exits after a period of inactivity, but you can force it to
exit with the command "dpidc stop".


=====================
 Controlling cookies
=====================

Out of the box, dillo rejects all cookies.


If you want to accept certain cookies, you can specify rules for different
domains in the file ~/.dillo/cookiesrc. The syntax looks like:

#host         action
DEFAULT       DENY
fltk.org      ACCEPT
.host.com     ACCEPT_SESSION

Line 0: Comment line begins with '#'.
Line 1: Deny all cookies from all domains not otherwise specified.
Line 2: Accept all cookies from fltk.org, and save them to
        ~/.dillo/cookies.txt when the cookies dpi exits.
Line 3: Accept all cookies from all subdomains of host.com, but
        do not save them when the dpi exits.


If you are positive that you will never want any cookies, you can
configure/compile Dillo without cookie support. The option is:
./configure --disable-cookies


===================
 Cookies & Privacy
===================

 Cookies can be a severe threat to personal privacy. The pages you
visit can be tracked, logged, and associated to a peronal data-record,
allowing the possibility of building a detailed profile of your
browsing habits.

 This data is sold to companies that profit from direct use of such
information (SPAM, Spying, etc).

 If this data is cross-referenced with other databases, they can end up
with more information than you have about yourself.

 Some people may tell you this is "paranoid". But please, take my words
as those of someone that has written a web browser, a cookies implementation,
and that has deep understanding of HTTP (RFC-2068) and cookies (RFC-2965).

 Non technical persons may like to read:
   http://www.junkbusters.com/cookies.html

 The dillo project is especially concerned about privacy and security
issues. Our advice is to avoid cookies whenever possible and at most set
ACCEPT_SESSION to specific, trusted sites.  -- You have been warned.


Thats all folks!