* [NEW] force_https setting and https command to force a given domain
to always use HTTPS
* [NEW] Use force_https to provide a preloaded HSTS list to help avoid
the ssl stripping attack. Sites in this list are taken from
Chromium's preloaded HSTS list, and additional domains added by the
xombrero authors.
* Add a workaround to fix a GTK focus bug until it has been fixed
upstream (see https://bugzilla.gnome.org/show_bug.cgi?id=677329)
* Modify the about:allthethings output to a more C-like syntax
* Remove the usage of relying on some deprecated webkitgtk signals
* Prevent spitting out warnings of deprecated gcrypt functions when
building
* Prevent a crash when using editsrc on about:blank or any other blank
page
* Many various code cleanups
And more.
Ok pascal@
* [NEW] Implement a new setting, do_not_track, to set the Do Not Track
HTTP header. This setting is disabled by default in normal mode and
enabled in whitelist mode.
* Fix the keybindings in the example config so they properly represent
the default values in the source code.
* Add some additional paranoia in the input focus code to prevent a
segfault on some sites (most notably, pnc.com).
* Fix a bug where HSTS would never be enabled if referer_mode = always
* Fix the build when debugging is enabled
* Show a warning when the binary could not be run when executing a
program based on a MIME type, except for the special "donothing"
binary name.
Tested by severals.
Ok aja@ gsoares@
here is the new port and the new stuff:
* Fix a bug where not the entire saved cert wouldn't be checked
* Add an include_config setting to load additional configuration
settings
* Add option to display when a download completes
* Rewrite mutex implementation to work around some bogus buggy mutex
implementation messages
* Make bunch of settings work in runtime vs start-of-day
* Add option to select search engine when used the first time
* Add ctrl-enter to prefix www. and postfix .com
* Add stop keybinding
* Fix a bunch of tiny bugs and general code improvement
OK sthen@
