Show warning when unsafe CSP policy is in use (#7804)

* Show warning when unsafe CSP policy is in use * Fix bare markdown URL * i18n: fr * Minor i18n: fr * Add target="_blank" to i18n strings --------- Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
author: Inverle <inverle@proton.me> 2025-08-09 21:47:39 +0200
committer: GitHub <noreply@github.com> 2025-08-09 21:47:39 +0200
commit: 2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f (patch)
tree: 7bb8412d5b14142a384e0da8cb6255802935d053 /config.default.php
parent: 1030973d903c746d4fb10b863c7b9aebb5c448e1 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/config.default.php b/config.default.php
index c839c9a3c..91eca5597 100644
--- a/config.default.php
+++ b/config.default.php
@@ -83,6 +83,11 @@ return [
 	#	https://example.net/FreshRSS/p/i/?c=auth&a=login&u=alice&p=1234
 	'unsafe_autologin_enabled' => false,
 
+	# By default, FreshRSS will display a warning to logged-in admin users if the CSP policy is insecure.
+	#	This setting can disable the warning.
+	#	For more information see: https://freshrss.github.io/FreshRSS/en/admins/10_ServerConfig.html#security
+	'suppress_csp_warning' => false,
+
 	# Enable or not the use of syslog to log the activity of
 	#	SimplePie, which is retrieving RSS feeds via HTTP requests.
 	'simplepie_syslog_enabled' => true,
author	Inverle <inverle@proton.me>	2025-08-09 21:47:39 +0200
committer	GitHub <noreply@github.com>	2025-08-09 21:47:39 +0200
commit	2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f (patch)
tree	7bb8412d5b14142a384e0da8cb6255802935d053 /config.default.php
parent	1030973d903c746d4fb10b863c7b9aebb5c448e1 (diff)