Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
10 check-ins related to "ben-security"
2011-06-02
| ||
19:31 | Merge SSL client certificate support from ben-security branch check-in: 397f434a4d user: ben tags: ben-testing | |
2011-05-29
| ||
12:53 | Remove accidentally included line of code. Closed-Leaf check-in: 0bed863b69 user: ben tags: ben-security | |
12:49 | Support for client side SSL certificates for extra authentication to https servers. Adds --ssl-identity command line option and ssl-identity setting to specify the filename of a identity file containing a PEM encoded certificate and private key. check-in: e06ea26e97 user: ben tags: ben-security | |
2011-05-28
| ||
17:56 | Merge the latest changes from the ben-security branch into trunk. check-in: 6d35cde78d user: drh tags: trunk, test-%-&-tag | |
16:23 | Add the X-Frame-Options: DENY header to HTTP responses, and a comment lamenting that two other helpful security headers can't really be used without breaking things. check-in: 95f04bbfbf user: ben tags: ben-security | |
2011-05-23
| ||
15:11 | Merge the ben-security branch into the trunk. check-in: 474850cff5 user: drh tags: trunk, release | |
2011-05-22
| ||
15:08 | Follow web app best practise by marking cookies as HttpOnly and, if it's over an https connection, as 'secure' so they will only be transmitted over https. Options supported by major browsers, and harmless where not supported. check-in: e4b57a3230 user: ben tags: ben-security | |
14:53 | When displaying an unknown certificate, also display the certificate fingerprint so the user can verify they're seeing the certificate they expect. Just displaying the textual names in the certificate does not give enough information to be certain someone isn't doing a man in the middle attack. check-in: fc93bfb0f7 user: ben tags: ben-security | |
14:23 | Create new branch named "ben-security" check-in: 2b4a6a66e1 user: ben tags: ben-security | |
2011-05-21
| ||
16:57 | If at the tip of the current branch but there are children in other branches, the "fossil up" command should do nothing. check-in: 1343cfad7b user: drh tags: trunk | |