Project

General

Profile

[question] DOM Storage on unsecure connection ?

Added by ask low 6 months ago

I observed that PBA denies DOM storage for http:// sites. It is true right ?
Will this improve security ? If so, can you briefly explain the concept, and the chances of vulnerabilities if permitted ?


Replies (1)

RE: [question] DOM Storage on unsecure connection ? - Added by Soren Stoutner 6 months ago

I'm not aware of Privacy Browser blocking DOM storage on HTTP sites, but I have never tested it myself. If it is, it is because of WebView's default functionality.

Note that Privacy Browser does block mixed content. So, if the main URL is HTTPS and the website makes a request to load an image over the less secure HTTP, that HTTP request will be blocked.

https://developer.android.com/reference/android/webkit/WebSettings#setMixedContentMode(int)

    (1-1/1)