Remove 'SecurityCritical' attribute for psl-data
The list is used to prevent the setting of super-cookies for independent domains, so in a way, the content is related to security. Anyhow, having it always up to date is not super critical, as this is used mostly as a band-aid. Also, the updates are fairly expensive in file size, and as upstream doesn't do classic 'releases', we must define how often we should update. Let's remove the urgency to update it for every patch-level release by removing the SecurityCritical attribute. Instead, we should aim for updating it right before minor releases, so about twice a year. This is btw what other projects are doing: Chromium updates the list twice a year, Debian even less often. Pick-to: 6.6 6.5 6.2 5.15 Change-Id: I05790f28002190ab0caa5a2a75e3b87cd44462d1 Reviewed-by: Marc Mutz <marc.mutz@qt.io>
This commit is contained in:
Kai Köhne
Marc Mutz
parent
c8599f1626
commit
ec7f06fa62
3
src/3rdparty/libpsl/qt_attribution.json
vendored
3
src/3rdparty/libpsl/qt_attribution.json
vendored
@ -13,14 +13,13 @@ It allows browsers to, for example:
|
||||
- Highlight the most important part of a domain name in the user interface
|
||||
|
||||
- Accurately sort history entries by site",
|
||||
"SecurityCritical": true,
|
||||
|
||||
"Files": "psl_data.cpp",
|
||||
"QtUsage": "Used in Qt Network to avoid setting \"supercookies\" in the cookie jar
|
||||
supported by Qt (by the QNetworkCookieJar class).",
|
||||
|
||||
"Comment": "Consult https://github.com/publicsuffix/list for the sha1 but download from ...",
|
||||
"Homepage": "http://publicsuffix.org/",
|
||||
"Comment": "Suggested update schedule: twice per year (before a 6.x.0 release)",
|
||||
"Version": "1a4824549b093abc3077205ae5386ed57f73806d, fetched on 2023-09-20",
|
||||
"DownloadLocation": "https://publicsuffix.org/list/public_suffix_list.dat",
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user