| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
update link to moved version of chromium's json file
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This modifies the whitelist and https forcing code to internally use
unix extended regular expressions to match domains. The old config
syntax converted to an appropiate regular expression. Inputing of raw
regular expressions is possible by prepending the string "re:" in
front of a regular expression, for example:
js_wl = re:^(.*\.)*cyphertite\.com$
would be the same as
js_wl = .cyphertite.com
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
removed these earlier as we had .google.com, which was later removed
as .google.com was only there for cert pinning.
|
|
|
whitelist settings) to make all requests to that domain use the HTTPS
scheme, similar to HSTS.
Install a new file, hsts-preload, into the resource dir. This is a
regular config file with a bunch of force_https = ... lines, which is
used to implement a preloaded HSTS list. Right now all the domains in
this file, except for conformal.com and cyphertite.com, are taken
directly from chromium's preloaded HSTS list (and should be synced
with this file every so often). Also implement a new setting,
preload_strict_transport (enabled by default), to enable or disable
the loading of this preloaded HSTS list. Document force_https and
preload_strict_transport in the manpage.
|