diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-02-29 18:42:16 +0100 |
|---|---|---|
| committer | Alexandre Alapetite <alexandre@alapetite.fr>
| 2016-02-29 18:42:16 +0100 |
| commit | 657b9792246417aa221bceebb7e2f938b72e209e (patch) | |
| tree | 6ffdf837e2e6e7f0d038cec26be2f61dab62a3cc | |
| parent | 00fd6b5965e8050039f3b85683ca7df05a5959c7 (diff) | |
| parent | eee3a90a5077ee894836c81a98b78263a8c8976f (diff) | |
Merge branch 'FreshRSS/dev' into dev
| -rw-r--r-- | CHANGELOG.md | 4 | ||||
| -rw-r--r-- | data/force-https.default.txt | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 7efb05aae..096c930d1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,7 +5,9 @@ * Security * Added CSP `Content-Security-Policy: default-src 'self'; child-src *; img-src * data:; media-src *` [#1075](https://github.com/FreshRSS/FreshRSS/pull/1075) * Features - * Add sharing with "Journal du Hacker" [#1056](https://github.com/FreshRSS/FreshRSS/pull/1056) + * New list of domains for which to force HTTPS (for images, videos, iframes…) defined in `./data/force-https.default.txt` and `./data/force-https.txt` [#1083](https://github.com/FreshRSS/FreshRSS/issues/1083) + * In particular useful for privacy and to avoid mixed content errors, e.g. to see YouTube videos when FreshRSS is in HTTPS + * Add sharing with “Journal du Hacker” [#1056](https://github.com/FreshRSS/FreshRSS/pull/1056) * UI * Updated to jQuery 2.2.1 and changed code for auto-load on scroll [#1050](https://github.com/FreshRSS/FreshRSS/pull/1050), [#1091](https://github.com/FreshRSS/FreshRSS/pull/1091) * I18n diff --git a/data/force-https.default.txt b/data/force-https.default.txt index 668a7c0e8..044620098 100644 --- a/data/force-https.default.txt +++ b/data/force-https.default.txt @@ -1,5 +1,6 @@ dailymotion.com feedburner.com +gravatar.com gstatic.com tumblr.com wordpress.com |