mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-12-25 07:19:31 -05:00
Improve Readme
This commit is contained in:
parent
53a8449674
commit
92f2d27cb7
@ -38,10 +38,11 @@ without losing any data.
|
||||
|
||||
## What it doesn't provide
|
||||
|
||||
- As a user you have to trust the server administrator.
|
||||
- As a user you have to trust the server administrator not to inject any malicious
|
||||
javascript code.
|
||||
For basic security, the PrivateBin installation *has to provide HTTPS*!
|
||||
Otherwise you would also have to trust your internet provider, and any country
|
||||
the traffic passes through not to inject any malicious javascript code.
|
||||
the traffic passes through.
|
||||
Additionally the instance should be secured by
|
||||
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
|
||||
ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
|
||||
|
Loading…
Reference in New Issue
Block a user