diff --git a/FAQ b/FAQ index 56117c0b..57b99687 100644 --- a/FAQ +++ b/FAQ @@ -87,8 +87,10 @@ A: When it comes to checking there are three types of URLs: Q: Are Cookies insecure? -A: Yes. Cookies can store your IP. After storing, the cookies are sent out - to the server on request. So if you use the -C, --cookies option you - should know what you are doing! - But Cookies are only stored in memory. After LinkChecker finishes, they - are deleted and will be lost. +A: Cookies can not store more information as is in the HTTP request itself, + so you are not giving away any more system information. + After storing however, the cookies are sent out to the server on request. + Not to every server, but only to the one who the cookie originated from! + This could be used to "track" subsequent requests to this server. + Cookies are only stored in memory. After LinkChecker finishes, they + are lost. So the tracking is restricted to the checking time. diff --git a/linkchecker b/linkchecker index 97056612..daf38653 100755 --- a/linkchecker +++ b/linkchecker @@ -34,9 +34,9 @@ For single-letter option arguments the space is not a necessity. So -a, --anchors Check HTTP anchor references. Default is don't check anchors. -C, --cookies - Accept and send HTTP cookies according to RFC 2109. See the - FAQ for security-related questions about cookies. - Sent or accepted cookies are provided as additional logging + Accept and send HTTP cookies according to RFC 2109. Only cookies + which are sent back to the originating server are accepted. + Sent and accepted cookies are provided as additional logging information. -d, --denyallow Swap checking order to extern/intern. Default checking order diff --git a/setup.py b/setup.py index b70aa41e..b555ffcf 100755 --- a/setup.py +++ b/setup.py @@ -148,6 +148,7 @@ o restriction of link checking with regular expression filters for URLs o proxy support o username/password authorization for HTTP and FTP o robots.txt exclusion protocol support +o Cookie support o i18n support o a command line interface o a (Fast)CGI web interface (requires HTTP server)