: K-Meleon Forum
K-Meleon development related discussions.
[quote=dugbugoffice2] There is a new K-meleon-db type. K-meleon 1.6db+NS. The NS is the "NoScript" version 2.4.8 It only works in the old K-meleon 1.6 engine. The K-meleon 1.7 has no effect. It is set up from a Firefox 3.6+ NS setup with everything cleaned up & with max security. A clean page for you! Because of being from Firefox, there is no NS options. You can still set add to white list & delete from white list etc. All works but going in to the options does not. K-Meleon-1.6db+NS gets a max of 13 on the security test at: http://www.browserscope.org/security/test That is with all the KMFILES on, with "frames" on & "Secure-High" off. And "Block page colors" turned on. 1. PASS postMessage API 2. PASS JSON.parse API 3. FAIL toStaticHTML API 4. PASS httpOnly cookie API 5. PASS X-Frame-Options 6. PASS X-Content-Type-Options 7. PASS Block reflected XSS 8. PASS Block location spoofing 9. PASS Block JSON hijacking 10. PASS Block XSS in CSS 11. FAIL Sandbox attribute 12. FAIL Origin header 13. PASS Strict Transport Security 14. PASS Block cross-origin CSS attacks 15. FAIL Content Security Policy 16. PASS Cross Origin Resource Sharing 17. PASS Block visited link sniffing Note FireFox 3.6+ gets a 14 on the security, so 1.6db+NS is not so far off. Even how this seems more secure than the other db types this version needs to be seen as a BETA browser! Be safe take care. http://home.dbdbdugbug.operaunite.com/Projects/content/KMFILES[/quote]
K-Meleon forum is powered by