FreshRSS (Customized)/app, branch 1.27.0 Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.27.0 2025-08-15T07:37:00+00:00 Call cleanCache when refreshing feeds (#7827) 2025-08-15T07:37:00+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-15T07:37:00+00:00 urn:sha1:ade9ba88178537a2181c9f27d23c69d6dedad34b Otherwise, it is only called when calling `httpGet()` which can be rare for users not using Web Scraping. https://github.com/FreshRSS/FreshRSS/discussions/7784#discussioncomment-14109207 Fix some PHP 8.5 deprecations (#7826) 2025-08-15T07:36:45+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-15T07:36:45+00:00 urn:sha1:ddb9e91bf2b16aa6f31ebdb3a2119056e971ba96 https://github.com/php/php-src/blob/php-8.5.0beta1/NEWS https://php.net/function.curl-close > This function has no effect. Prior to PHP 8.0.0, this function was used to close the resource. Minor change of signature on_http_response (#7825) 2025-08-14T07:40:53+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-14T07:40:53+00:00 urn:sha1:cc8afa77505fba66dc8f6de794228184c7e05e74 Follow-up of https://github.com/FreshRSS/FreshRSS/pull/7824 Fix regression on_http_response (#7824) 2025-08-14T07:35:30+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-14T07:35:30+00:00 urn:sha1:531b9286d94f2f38e8725284bc2bd038f32d743e Fix regression (bad merge) from https://github.com/FreshRSS/FreshRSS/pull/7775 * https://github.com/FreshRSS/simplepie/pull/50 Fix share XML encoding (#7822) 2025-08-13T20:53:09+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-13T20:53:09+00:00 urn:sha1:4ef52d682560e95fed3a718bec04437e86199e40 Maybe related to https://github.com/FreshRSS/FreshRSS/issues/7820 Put CSP everywhere (#7810) 2025-08-11T17:35:54+00:00 Inverle inverle@proton.me 2025-08-11T17:35:54+00:00 urn:sha1:7df6c201f2e6a6521d20718dfd8d9794c7437d1f * Puts CSP everywhere in `p/api` * including the HTML query page ❗ * Also in `p/ext.php` * Puts `X-Content-Type-Options: nosniff` everywhere * Fixes custom icon configuration not showing `blob:` icon in statsController (idle feeds) * Also removes `style-src 'unsafe-inline'` since it doesn't seem to be needed * Improves CSP of `p/f.php` * Add `sandbox` directive Fix privacy link not being highlighted in configure (#7811) 2025-08-10T22:58:03+00:00 Inverle inverle@proton.me 2025-08-10T22:58:03+00:00 urn:sha1:2b1b268fc27268197b8c86ed839bf22daab79438 Show warning when unsafe CSP policy is in use (#7804) 2025-08-09T19:47:39+00:00 Inverle inverle@proton.me 2025-08-09T19:47:39+00:00 urn:sha1:2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f * Show warning when unsafe CSP policy is in use * Fix bare markdown URL * i18n: fr * Minor i18n: fr * Add target="_blank" to i18n strings --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Remove unneeded execution permissions (#7802) 2025-08-08T20:39:33+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-08-08T20:39:33+00:00 urn:sha1:56d1d4f19480761109375e477d2626eb6712cfca New JS attribute: `data-auto-leave-validation` (#7785) 2025-08-08T15:39:38+00:00 Inverle inverle@proton.me 2025-08-08T15:39:38+00:00 urn:sha1:d9197d7e32a97f29829ffd4cf4371b1853e51fa2 Instead of a repeating pattern like: `<input type="text" value="something" data-leave-validation="something">`, you can now put a `data-auto-leave-validation="1"` attribute on a `<form>` for example, and it will automatically set the `data-leave-validation` attributes inside the form elements. `data_auto_leave_validation(parent)` from `extra.js` is called on slider open and page load. --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> Co-authored-by: Frans de Jonge <fransdejonge@gmail.com>