diff options
| -rw-r--r-- | CHANGELOG.md | 2 | ||||
| -rw-r--r-- | app/FreshRSS.php | 2 | ||||
| -rw-r--r-- | app/i18n/de/install.php | 8 |
3 files changed, 6 insertions, 6 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 096c930d1..43823b536 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ ## 2016-03-xx FreshRSS 1.3.1-beta * Security - * Added CSP `Content-Security-Policy: default-src 'self'; child-src *; img-src * data:; media-src *` [#1075](https://github.com/FreshRSS/FreshRSS/pull/1075) + * Added CSP `Content-Security-Policy: default-src 'self'; child-src *; frame-src *; img-src * data:; media-src *` [#1075](https://github.com/FreshRSS/FreshRSS/pull/1075) * Features * New list of domains for which to force HTTPS (for images, videos, iframes…) defined in `./data/force-https.default.txt` and `./data/force-https.txt` [#1083](https://github.com/FreshRSS/FreshRSS/issues/1083) * In particular useful for privacy and to avoid mixed content errors, e.g. to see YouTube videos when FreshRSS is in HTTPS diff --git a/app/FreshRSS.php b/app/FreshRSS.php index bfbd7a6eb..d6f4f4062 100644 --- a/app/FreshRSS.php +++ b/app/FreshRSS.php @@ -113,7 +113,7 @@ class FreshRSS extends Minz_FrontController { public static function preLayout() { switch (Minz_Request::controllerName()) { case 'index': - header("Content-Security-Policy: default-src 'self'; child-src *; img-src * data:; media-src *"); + header("Content-Security-Policy: default-src 'self'; child-src *; frame-src *; img-src * data:; media-src *"); break; case 'stats': header("Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'"); diff --git a/app/i18n/de/install.php b/app/i18n/de/install.php index 2da744cfb..d16496818 100644 --- a/app/i18n/de/install.php +++ b/app/i18n/de/install.php @@ -63,8 +63,8 @@ return array( 'ok' => 'Ihr HTTP REFERER ist bekannt und entspricht Ihrem Server.', ), 'json' => array( - 'nok' => 'You lack a recommended library to parse JSON.', - 'ok' => 'You have a recommended library to parse JSON.', + 'nok' => 'Ihnen fehlt eine empfohlene Bibliothek um JSON zu parsen.', + 'ok' => 'Sie haben eine empfohlene Bibliothek um JSON zu parsen.', ), 'minz' => array( 'nok' => 'Ihnen fehlt das Minz-Framework.', @@ -91,8 +91,8 @@ return array( 'ok' => 'Die Berechtigungen des Verzeichnisses <em>./data/users</em> sind in Ordnung.', ), 'xml' => array( - 'nok' => 'You lack the required library to parse XML.', - 'ok' => 'You have the required library to parse XML.', + 'nok' => 'Ihnen fehlt die benötigte Bibliothek um XML zu parsen.', + 'ok' => 'Sie haben die benötigte Bibliothek um XML zu parsen.', ), ), 'conf' => array( |