Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=edge 2025-12-04T19:10:20+00:00 2025-12-04T19:10:20+00:00 Inverle inverle@proton.me 2025-12-04T19:10:20+00:00 urn:sha1:6d2bb24b3772a7b839d6911c1e1fe27151d29bfa Completes the following TODO https://github.com/FreshRSS/FreshRSS/issues/7923: https://github.com/FreshRSS/FreshRSS/blob/de624dc8ce63ec819c61216d9d44f828841c293e/app/Controllers/authController.php#L105 Extension PR: https://github.com/FreshRSS/Extensions/pull/364 https://github.com/FreshRSS/Extensions/tree/main/xExtension-UnsafeAutologin 2025-09-21T11:29:58+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-09-21T11:29:58+00:00 urn:sha1:bc3e4c8fa4bae9591166e12caa3fb6bf73893102 * Add option for CSP frame-ancestors https://github.com/FreshRSS/FreshRSS/discussions/7856 * Revert contentSelectorPreviewAction * Same for f.php and api * Fix double init in f.php * No sandbox for API page 2025-08-09T19:47:39+00:00 Inverle inverle@proton.me 2025-08-09T19:47:39+00:00 urn:sha1:2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f * Show warning when unsafe CSP policy is in use * Fix bare markdown URL * i18n: fr * Minor i18n: fr * Add target="_blank" to i18n strings --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2025-07-31T11:53:14+00:00 Inverle inverle@proton.me 2025-07-31T11:53:14+00:00 urn:sha1:3ce64d271b2b470bd6c9f7294946347dcdfed9b9 * Implement sudo mode / reauthentication * i18n: fr * generate flags * Improvements * Remove HMAC check * Don't require reauth to access logs when signed in as admin * Notify user of bad login via notification instead --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2025-07-31T07:17:42+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-07-31T07:17:42+00:00 urn:sha1:7a0c423357818b19eb431775452b1357bc7fd3eb * Implement support for HTTP 429 Too Many Requests Will obey the corresponding HTTP `Retry-After` header at domain level. * Implement 503 Service Unavailable * Sanitize Retry-After * Reduce default value when Retry-After is absent And make configuration parameter * Retry-After also for favicons 2025-06-30T10:01:56+00:00 Inverle inverle@proton.me 2025-06-30T10:01:56+00:00 urn:sha1:7915abd833e1ab7a72ad27b3ec52020ac9ab7051 Closes #3789, #6503 Icon setting when no custom icon is set yet:  - `Change...` button opens a file dialog, and after selecting a file shows the chosen icon in the preview on the left. `Submit` must be clicked after selecting the icon. - `Reset to default` changes the preview icon to the default one, and also requires `Submit` to be clicked to apply the changes. Full list of changes: - CSP now includes `blob:` in `img-src` for - `indexAction()` and `feedAction()` in `subscriptionController.php` - all of the view actions in `indexController.php` - Introduce new attribute `customFavicon (boolean)` for feeds that indicates if the feed has a custom favicon - `hashFavicon()` in `Feed.php` is dependent on this attribute - `hashFavicon()` has a new parameter called `skipCache (boolean)` that allows the reset of the favicon hash for the Feed object - `resetFaviconHash()` just calls `hashFavicon(skipCache: true)` - `f.php` URLs now have the format of `/f.php?h=XXXXX&t=cachebuster`, where the `t` parameter is only used for serving custom favicons - if `t` parameter is set, `f.php` returns a `Cache-Control: immutable` header - `stripos` and `strpos` were changed to `str_contains` in various places (refactor) - JS for handling the custom favicon configuration logic is in `extra.js` inside `init_update_feed()` which is called when feed configuration is opened from the aside or when the subscription management page with the feed is loaded - Server-side code for uploading the icon in `subscriptionController.php` under `feedAction()` - Errors that may occur during the setting of a custom favicon: - Unsupported image file type (handled only server-side with `isImgMime()`) - When the file is bigger than 1 MiB (default), handled both client-side and server-side - Standard feed error when `updateFeed()` fails - JS vars `javascript_vars.phtml` are no longer escaped with `htmlspecialchars()`, instead with json encoding, - CSS for disabled buttons was added - Max favicon file size is configurable with the `max_favicon_upload_size` option in `config.php` (not exposed via UI) - Custom favicons are currently deleted only when they are either reset to the default icon, or the feed gets deleted. They do not get deleted when the user deletes their account without removing their feeds first. - ` faviconPrepare()` and `faviconRebuild()` are not allowed to be called when the `customFavicon` attribute is `true` - New i18n strings: - `'sub.feed.icon' => 'Icon'` - `'sub.feed.change_favicon' => 'Change…'` - `'sub.feed.reset_favicon' => 'Reset to default'` - `'sub.feed.favicon_changed_by_ext' => 'The icon has been set by the <b>%s</b> extension.'` - `'feedback.sub.feed.favicon.too_large' => 'Uploaded icon is too large. The maximum file size is <em>%s</em>.'` - `'feedback.sub.feed.favicon.unsupported_format' => 'Unsupported image file format!'` - Extension hook `custom_favicon_hash` - `setCustomFavicon()` method - `resetCustomFavicon()` method - `customFaviconExt` and `customFaviconDisallowDel` attributes - example of usage: https://github.com/FreshRSS/Extensions/pull/337 - Extension hook `custom_favicon_btn_url` - Allows extensions to implement a button for setting a custom favicon for individual feeds by providing an URL. The URL will be sent a POST request with the `extAction` field set to either `query_icon_info` or `update_icon`, along with an `id` field which describes the feed's ID. 2024-11-28T16:11:04+00:00 Luc SANCHEZ 4697568+ColonelMoutarde@users.noreply.github.com 2024-11-28T16:11:04+00:00 urn:sha1:15745d42b779ad14efde2932ab116f45eee39246 * revert Fix code indentation Fix code Upgrade code to php 8.1 * fix remarques * code review * code review * code review * Apply suggestions from code review * code review * Fixes * Many remainging updates of array syntax * Lost case 'reading-list' * Uneeded PHPDoc --------- Co-authored-by: Luc Sanchez <l.sanchez-prestataire@alptis.fr> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2024-09-20T21:25:38+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-09-20T21:25:38+00:00 urn:sha1:ffc3d393e52e3c0d62e23dbd6fdc8fe695ca96ee * SimplePie support for HTTP cache policies Discussion in https://github.com/FreshRSS/simplepie/pull/26 * Bump SimplePie commit * Typos * Typos * Simpler logic * Explicitly disable cache for non-GET flows * Bump SimplePie commit * Bump SimplePie commit * Bump SimplePie commit * Bump SimplePie commit 2024-09-06T07:06:46+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-09-06T07:06:46+00:00 urn:sha1:a81656c3ed5b8fe0f31794a4fbe0d1a907fca8e8 * Upgrade to PHP 8.1 As discussed in https://github.com/FreshRSS/FreshRSS/discussions/5474 https://www.php.net/releases/8.0/en.php https://www.php.net/releases/8.1/en.php Upgrade to available native type declarations https://php.net/language.types.declarations Upgrade to https://phpunit.de/announcements/phpunit-10.html which requires PHP 8.1+ (good timing, as version 9 was not maintained anymore) Upgrade `:oldest` Docker dev image to oldest Alpine version supporting PHP 8.1: Alpine 3.16, which includes PHP 8.1.22. * Include 6736 https://github.com/FreshRSS/FreshRSS/pull/6736 2024-02-26T08:01:49+00:00 Alexandre Alapetite alexandre@alapetite.fr 2024-02-26T08:01:49+00:00 urn:sha1:bdf899164b6ba127edd42352e85dc37ab445966a * System option for number of feeds to refresh in parallel fix https://github.com/FreshRSS/FreshRSS/issues/6123 * Forgot refreshDynamicOpml