Mercurial > dillo_port1.3

view doc/Cookies.txt @ 1037:a72e5506e280

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implemented Instant client-side redirects (META refresh with delay=0) http://www.w3.org/TR/2008/NOTE-WCAG20-TECHS-20081211/H76.html
author Jorge Arellano Cid <jcid@dillo.org>
date Sat, 18 Apr 2009 16:16:18 -0400
parents da766fa9efed
children 760d31f49672
line wrap: on
line source
Jan 2002, Jörgen Viksell - jorgen.viksell@telia.com,
          Jorge Arellano Cid --
Last update: October 2008


==================
 Cookies in Dillo
==================

Supported: old Netscape style, RFC 2109, RFC 2965.

Cookies are handled by a dpi (plugin) which shares them between your
instances of Dillo.

When the dpi exits, cookies that you have ACCEPTed are saved to
~/.dillo/cookies.txt, and ACCEPT_SESSION cookies are forgotten.
(Currently the only limit to the amount of cookies to save to disk is
a maximum of 20 per domain.)
The dpi normally exits after a period of inactivity, but you can force it to
exit with the command "dpidc stop".


=====================
 Controlling cookies
=====================

Out of the box, dillo rejects all cookies.


If you want to accept certain cookies, you can specify rules for different
domains in the file ~/.dillo/cookiesrc. The syntax looks like:

DEFAULT       DENY
slashdot.org  ACCEPT
.host.com     ACCEPT_SESSION

Line 1: Deny all cookies from all domains not otherwise specified.
Line 2: Accept all cookies from slashdot.org, and save them to
        ~/.dillo/cookies.txt when the cookies dpi exits.
Line 3: Accept all cookies from all subdomains of host.com, but
        do not save them when the dpi exits.


If you are positive that you will never want any cookies, you can
configure/compile Dillo without cookie support. The option is:
./configure --disable-cookies


===================
 Cookies & Privacy
===================

 Cookies can be a severe threat to personal privacy. The pages you
visit can be tracked, logged, and associated to a peronal data-record,
allowing the possibility of building a detailed profile of your
browsing habits.

 This data is sold to companies that profit from direct use of such
information (SPAM, Spying, etc).

 If this data is cross-referenced with other databases, they can end up
with more information than you have about yourself.

 Some people may tell you this is "paranoid". But please, take my words
as those of someone that has written a web browser, a cookies implementation,
and that has deep understanding of HTTP (RFC-2068) and cookies (RFC-2965).

 Non technical persons may like to read:
   http://www.junkbusters.com/cookies.html

 The dillo project is especially concerned about privacy and security
issues. Our advice is to avoid cookies whenever possible and at most set
ACCEPT_SESSION to specific, trusted sites.  -- You have been warned.


Thats all folks!