Codebase list dillo / debian/3.0_rc3-1 doc / Cookies.txt
debian/3.0_rc3-1

Tree @debian/3.0_rc3-1 (Download .tar.gz)

Cookies.txt @debian/3.0_rc3-1raw · history · blame

Jan 2002, Jörgen Viksell - jorgen.viksell@telia.com,
          Jorge Arellano Cid --
Last update: March 2010


==================
 Cookies in Dillo
==================

The current specification for cookies is RFC 6265
( http://tools.ietf.org/html/rfc6265 ).

Cookies are handled by a dpi (plugin) which shares them between your
instances of Dillo.

Current cookie limits are: 20 per domain, and 1200 in total.

When the dpi exits, cookies that you have ACCEPTed are saved to
~/.dillo/cookies.txt, and ACCEPT_SESSION cookies are forgotten.
The dpi normally exits after a period of inactivity, but you can force it to
exit with the command "dpidc stop".


=====================
 Controlling cookies
=====================

Out of the box, dillo rejects all cookies.


If you want to accept certain cookies, you can specify rules for different
domains in the file ~/.dillo/cookiesrc. The syntax looks like:

#host         action
DEFAULT       DENY
fltk.org      ACCEPT
.host.com     ACCEPT_SESSION

Line 0: Comment line begins with '#'.
Line 1: Deny all cookies from all domains not otherwise specified.
Line 2: Accept all cookies from fltk.org, and save them to
        ~/.dillo/cookies.txt when the cookies dpi exits.
Line 3: Accept all cookies from all subdomains of host.com, but
        do not save them when the dpi exits.


If you are positive that you will never want any cookies, you can
configure/compile Dillo without cookie support. The option is:
./configure --disable-cookies


===================
 Cookies & Privacy
===================

 Cookies can be a severe threat to personal privacy. The pages you
visit can be tracked, logged, and associated to a peronal data-record,
allowing the possibility of building a detailed profile of your
browsing habits.

 This data is sold to companies that profit from direct use of such
information (SPAM, Spying, etc).

 If this data is cross-referenced with other databases, they can end up
with more information than you have about yourself.

 Some people may tell you this is "paranoid". But please, take my words
as those of someone who has written a web browser, a cookies implementation,
and who has deep understanding of HTTP and cookies.

 The dillo project is especially concerned about privacy and security
issues. Our advice is to avoid cookies whenever possible and at most set
ACCEPT_SESSION to specific, trusted sites.  -- You have been warned.