Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.28.1-custom 2026-01-17T21:28:56+00:00 2026-01-17T21:28:56+00:00 Thomas Hufschmidt 11391961+Hufschmidt@users.noreply.github.com 2026-01-17T21:28:56+00:00 urn:sha1:2cbb5f8db1d0764aba9a66997f940739e8bb7eb1 * Add a reference to the check where the warning is triggered Note: This is the place where the admin sees the browser pointing to. Adding this information here allows the admin to find the matching documentation entry. * Update Content-Security-Policy section of english ServerConfig documentation Note: This fixes some minor formating/typping issues and adds some clarity to the fact that this warning is also triggered on correctly configured hosts, simply due to the nature of how correctness of CSP rules are checked. * Move CSP infor source-code comment into console.info Note: Improve visibility of why this is happening. * Point towards static website documentation instead of git This URL should also remain more fixed even accross new branches/releases. Co-authored-by: Inverle <inverle@proton.me> * Minor fixes * Remove overwrite part --------- Co-authored-by: Inverle <inverle@proton.me> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2026-01-05T21:06:09+00:00 netsho 67299616+netsho@users.noreply.github.com 2026-01-05T21:06:09+00:00 urn:sha1:b8656e1df1fcf1deb68482a96318846e3da295c3 closes https://github.com/FreshRSS/FreshRSS/issues/8405 - Add documentation on how to trust own CA that issued self-signed certificate as authentik signing key - Add example in Docker Example How to test the feature manually: 1. Create your own CA 2. Issue a certificate 3. Use the issued certificate as a signing-key in authentik when configuring FreshRSS provider 4. Add created CA on host's CA store by running `update-ca-certificates` 5. Mount the `/etc/ssl/certs/ca-certificates.crt` file on FreshRSS container 6. Start the container 7. Navigate to FreshRSS in the browser 8. Authentik login form should be displayed and work as normal. 2025-11-26T22:47:29+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-11-26T22:47:29+00:00 urn:sha1:5e0093aa00a6b52df88f526a5b6f737eff057e0b Changed syntax for an even wider compatibility. Follow-up of https://github.com/FreshRSS/FreshRSS/pull/8254 Regression from https://github.com/FreshRSS/FreshRSS/pull/6957 MariaDB images on Docker Hub go back to 10.6, so changed documentation to indicate support from that version, as I cannot easily test even older versions. 2025-11-01T23:28:35+00:00 Inverle inverle@proton.me 2025-11-01T23:28:35+00:00 urn:sha1:500d05f3c5ec3a3dffa7791f7447bc0d31d6f7e0 * Implement whitelist for SimplePie sanitizer ref: https://github.com/FreshRSS/FreshRSS/pull/7770#issuecomment-3140334326 https://github.com/FreshRSS/simplepie/pull/53 https://github.com/simplepie/simplepie/pull/947 * Remove `<plaintext>` from whitelist * Improve order * Remove some tags from whitelist * Revert partially * sync * Display contents of `<noscript>` and `<noembed>` * sync * Allow use of `<track>` * sync again * Sync to SimplePie fork https://github.com/FreshRSS/simplepie/pull/53 * Alphabetic order * Reduce list of stripped attributes * Temporarily strip some attributes --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2025-08-15T10:15:54+00:00 triatic 42704418+triatic@users.noreply.github.com 2025-08-15T10:15:54+00:00 urn:sha1:56df7f826a80de2c5f1c9c1a3b99fe38ea403d05 For fastcgi, REMOTE_USER is the correct variable. 2025-08-09T19:47:39+00:00 Inverle inverle@proton.me 2025-08-09T19:47:39+00:00 urn:sha1:2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f * Show warning when unsafe CSP policy is in use * Fix bare markdown URL * i18n: fr * Minor i18n: fr * Add target="_blank" to i18n strings --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr> 2025-06-18T20:15:54+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-06-18T20:15:54+00:00 urn:sha1:aa45bcbe5a0a723c4b6adfb50139be0be6336d2b Fix for https://github.com/FreshRSS/FreshRSS/commit/78a425636228066513bf14c7f74f6255062b2327 2025-06-18T19:11:41+00:00 ghostvirus 71750455+ghostvirus62@users.noreply.github.com 2025-06-18T19:11:41+00:00 urn:sha1:78a425636228066513bf14c7f74f6255062b2327 2025-06-02T22:16:17+00:00 Alexandre Alapetite alexandre@alapetite.fr 2025-06-02T22:16:17+00:00 urn:sha1:cc35094bb261cb3185def89d745317fa756560ee * Add API endpoint for extensions Useful for https://github.com/FreshRSS/FreshRSS/issues/7572 * Support PATH_INFO Now also support being invoked like `/api/misc.php/Extension%20Name/` * More documentation 2025-06-01T20:50:58+00:00 dependabot[bot] 49699333+dependabot[bot]@users.noreply.github.com 2025-06-01T20:50:58+00:00 urn:sha1:7d86cbe804f873895ea2c6ee76f652661f42341e * Bump markdownlint-cli from 0.44.0 to 0.45.0 Bumps [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli) from 0.44.0 to 0.45.0. - [Release notes](https://github.com/igorshubovych/markdownlint-cli/releases) - [Commits](https://github.com/igorshubovych/markdownlint-cli/compare/v0.44.0...v0.45.0) --- updated-dependencies: - dependency-name: markdownlint-cli dependency-version: 0.45.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fix Markdown --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>