mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-03-22 13:10:41 +08:00
Improve Readme
This commit is contained in:
parent
53a8449674
commit
92f2d27cb7
|
@ -38,10 +38,11 @@ without losing any data.
|
||||||
|
|
||||||
## What it doesn't provide
|
## What it doesn't provide
|
||||||
|
|
||||||
- As a user you have to trust the server administrator.
|
- As a user you have to trust the server administrator not to inject any malicious
|
||||||
|
javascript code.
|
||||||
For basic security, the PrivateBin installation *has to provide HTTPS*!
|
For basic security, the PrivateBin installation *has to provide HTTPS*!
|
||||||
Otherwise you would also have to trust your internet provider, and any country
|
Otherwise you would also have to trust your internet provider, and any country
|
||||||
the traffic passes through not to inject any malicious javascript code.
|
the traffic passes through.
|
||||||
Additionally the instance should be secured by
|
Additionally the instance should be secured by
|
||||||
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
|
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
|
||||||
ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
|
ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
|
||||||
|
|
Loading…
Reference in New Issue
Block a user