From 2b85a50ed72982ab0c0f9ef98c7ed1e15f21bf5f Mon Sep 17 00:00:00 2001
From: Inverle <inverle@proton.me>
Date: Sat, 9 Aug 2025 21:47:39 +0200
Subject: Show warning when unsafe CSP policy is in use (#7804)

* Show warning when unsafe CSP policy is in use

* Fix bare markdown URL

* i18n: fr

* Minor i18n: fr

* Add target="_blank" to i18n strings

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 config.default.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'config.default.php')

diff --git a/config.default.php b/config.default.php
index c839c9a3c..91eca5597 100644
--- a/config.default.php
+++ b/config.default.php
@@ -83,6 +83,11 @@ return [
 	#	https://example.net/FreshRSS/p/i/?c=auth&a=login&u=alice&p=1234
 	'unsafe_autologin_enabled' => false,
 
+	# By default, FreshRSS will display a warning to logged-in admin users if the CSP policy is insecure.
+	#	This setting can disable the warning.
+	#	For more information see: https://freshrss.github.io/FreshRSS/en/admins/10_ServerConfig.html#security
+	'suppress_csp_warning' => false,
+
 	# Enable or not the use of syslog to log the activity of
 	#	SimplePie, which is retrieving RSS feeds via HTTP requests.
 	'simplepie_syslog_enabled' => true,
-- 
cgit v1.2.3