Development :  K-Meleon Forum
K-Meleon development related discussions. 
There is a new K-meleon 1.6db+NS
Posted by: dugbugoffice2
Date: July 29, 2012 07:46PM

There is a new K-meleon-db type. K-meleon 1.6db+NS.
The NS is the "NoScript" version 2.4.8
It only works in the old K-meleon 1.6 engine.
The K-meleon 1.7 has no effect.

It is set up from a Firefox 3.6+ NS setup
with everything cleaned up & with max security.
A clean page for you!

Because of being from Firefox, there is no NS options.
You can still set add to white list &
delete from white list etc.
All works but going in to the options does not.

K-Meleon-1.6db+NS gets a max of 13 on the security
test at:

That is with all the KMFILES on, with "frames" on
& "Secure-High" off. And "Block page colors" turned on.

1. PASS postMessage API
2. PASS JSON.parse API
3. FAIL toStaticHTML API
4. PASS httpOnly cookie API
5. PASS X-Frame-Options
6. PASS X-Content-Type-Options
7. PASS Block reflected XSS
8. PASS Block location spoofing
9. PASS Block JSON hijacking
10. PASS Block XSS in CSS
11. FAIL Sandbox attribute
12. FAIL Origin header
13. PASS Strict Transport Security
14. PASS Block cross-origin CSS attacks
15. FAIL Content Security Policy
16. PASS Cross Origin Resource Sharing
17. PASS Block visited link sniffing

Note FireFox 3.6+ gets a 14 on the security, so 1.6db+NS
is not so far off.

Even how this seems more secure than the other db types
this version needs to be seen as a BETA browser!

Be safe take care.

Options: ReplyQuote

K-Meleon forum is powered by Phorum.