K-Meleon :: Development

Development : K-Meleon Forum

K-Meleon development related discussions.

Goto: Forum List•Message List•Search•Log In

Your Name:
Subject:

Help information

[quote=dugbugoffice2]
There is a new K-meleon-db type. K-meleon 1.6db+NS. 
The NS is the "NoScript" version 2.4.8
It only works in the old K-meleon 1.6 engine.
The K-meleon 1.7 has no effect.

It is set up from a Firefox 3.6+ NS setup 
with everything cleaned up & with max security.
A clean page for you!

Because of being from Firefox, there is no NS options. 
You can still set add to white list &
delete from white list etc.
 All works but going in to the options does not.

K-Meleon-1.6db+NS gets a max of 13 on the security 
test at: http://www.browserscope.org/security/test

That is with all the KMFILES on, with "frames" on 
& "Secure-High" off. And "Block page colors" turned on.

1. PASS postMessage API
2. PASS JSON.parse API
3. FAIL toStaticHTML API
4. PASS httpOnly cookie API
5. PASS X-Frame-Options
6. PASS X-Content-Type-Options
7. PASS Block reflected XSS
8. PASS Block location spoofing
9. PASS Block JSON hijacking
10. PASS Block XSS in CSS
11. FAIL Sandbox attribute
12. FAIL Origin header
13. PASS Strict Transport Security
14. PASS Block cross-origin CSS attacks
15. FAIL Content Security Policy
16. PASS Cross Origin Resource Sharing
17. PASS Block visited link sniffing

Note FireFox 3.6+ gets a 14 on the security, so 1.6db+NS 
is not so far off.

Even how this seems more secure than the other db types 
this version needs to be seen as a BETA browser!

Be safe take care. 
http://home.dbdbdugbug.operaunite.com/Projects/content/KMFILES[/quote]

K-Meleon forum is powered by Phorum.