* Update the 'Refreshing feeds' page
* add the 'user' parameter and clarify the 'token' parameter usage
* remove old token screenshots, add a new one from profile page
* update the authentication page screenshot
* clarify the anonymous refreshing of the feeds
* Add myself to CREDITS.md
* Update Refresh feeds docs page content
* Tweak the content headings to match the actual headings
* Fix the link to Form authentication paragraph
* PNG compress more (16 colours + OptiPNG)
* Minor typography
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Add a reference to the check where the warning is triggered
Note:
This is the place where the admin sees the browser pointing to.
Adding this information here allows the admin to find the matching
documentation entry.
* Update Content-Security-Policy section of english ServerConfig documentation
Note:
This fixes some minor formating/typping issues and adds some clarity to
the fact that this warning is also triggered on correctly configured
hosts, simply due to the nature of how correctness of CSP rules are checked.
* Move CSP infor source-code comment into console.info
Note:
Improve visibility of why this is happening.
* Point towards static website documentation instead of git
This URL should also remain more fixed even accross new branches/releases.
Co-authored-by: Inverle <inverle@proton.me>
* Minor fixes
* Remove overwrite part
---------
Co-authored-by: Inverle <inverle@proton.me>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
closes https://github.com/FreshRSS/FreshRSS/issues/8405
- Add documentation on how to trust own CA that issued self-signed certificate as authentik signing key
- Add example in Docker Example
How to test the feature manually:
1. Create your own CA
2. Issue a certificate
3. Use the issued certificate as a signing-key in authentik when configuring FreshRSS provider
4. Add created CA on host's CA store by running `update-ca-certificates`
5. Mount the `/etc/ssl/certs/ca-certificates.crt` file on FreshRSS container
6. Start the container
7. Navigate to FreshRSS in the browser
8. Authentik login form should be displayed and work as normal.
* Improve layout of documentation page and add search feature
Closes https://github.com/FreshRSS/FreshRSS/issues/7915, https://github.com/FreshRSS/FreshRSS/issues/5325
Also: anchor headings and fix building site locally
* Further improvements
* Set color of hyperlinks
* Consistent styling of close aside button across devices
* Mobile layout 600px -> 1200px
* Add suffix to docs `<title>`
* Note: titles of pages probably need to be improved, since currently they are just derived from the names of the first heading on every page
* Add favicon
* Improve font
* Try to fix favicon not loading correctly on GH pages
* Use local font
* Attempt to fix GH pages
* Final improvements
* Copy to clipboard button
* Support for nojs search
* Dark mode
* Load search.json (200KB json) only on search input focus
* Keep scroll state of sidebar across navigations
* Clickable images and CSP
CSP so we avoid hotlinking resources and clickable images are useful for zooming on mobile for example
* Fix typos
* Disable Dark Reader extension if dark mode CSS is loaded
* Support internationalisation (via language dropdown)
* Add Gemfile.lock
* Make CI build work with the custom plugin
* Make menus closable with Esc
* Fix typos CI
* Suggestions
* Use `ruby/setup-ruby` action in workflow for installing and caching gems.
* Run build only when there are changes to `docs/`
See: https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows?versionId=free-pro-team%40latest&productId=actions#running-your-workflow-only-when-a-push-to-specific-branches-occurs
* Change font to `Open Sans`
* Increase line height
* Fix Liquid syntax error
So that renaming something like `conf.shortcut.toggle_sidebar` to `conf.shortcut.toggle_aside` can be done easily even after already having added `conf.shortcut.toggle_sidebar` and translated it in multiple languages.
Example of usage:
```console
./cli/manipulate.translation.php -a move -k conf.shortcut.toggle_sidebar -n conf.shortcut.toggle_aside
```
```console
make i18n-move-key key="conf.shortcut.toggle_sidebar" new-key="conf.shortcut.toggle_aside"
```
The key will be moved and all values/states will be kept.
* Housekeeping lib_rss.php
`lib_rss.php` had become much too large, especially after https://github.com/FreshRSS/FreshRSS/pull/7924
Moved most functions to other places.
Mostly no change of code otherwise (see comments).
* Extension: composer run-script phpstan-third-party
Allow the use of regex `\b` for word boundary (and `\B` for the opposite) even when using PostgreSQL.
Follow up of:
* https://github.com/FreshRSS/FreshRSS/pull/6706
For instance, `intitle:/\bnew\B/` will find *newest* but not *new* nor *renewal*.
Useful in particular to minimise the differences between PHP and database in:
* https://github.com/FreshRSS/FreshRSS/pull/7959
Example: `userdate:PT1H` to select only articles modified by user during the last hour
Fix https://github.com/FreshRSS/FreshRSS/issues/4280#issuecomment-3393078024
Useful for instance to bulk mark as unread recently marked articles by error:
1. Click on the toggle button to show the read articles (making sure the toggle for the unread articles is off)
2. Sort by *User modified 9→1*
3. Filter by *user modified date*, for instance to the last 3 hours by typing `userdate:PT3H`
4. Click in the drop-down menu *Mark selection as unread*
P.S.: I have added at the same time a bunch of unit tests for date-related logic
* Add UI for advanced search
To help users with the seach operators.
Obviously not as powerful as a manually-written search query.
Lack in particular negation and logical *and* for now, but I might try to do something about it.
<img width="939" height="1438" alt="image" src="https://github.com/user-attachments/assets/0bcad39b-eff3-4f44-876b-a2552af2af00" />
* Consistency: allow multiple user queries like S:1,2
* Fix user query and add tests
* Change regional language codes
According to `ISO-639-1` and `ISO-3166-1 alpha-2` recommendations, regional
languages must be written with the language code in lowercase and the region
in uppercase. For instance, we should have `en-US` instead of `en-us`.
Folders have been updated to reflect those recommendations and regional
language codes have been updated in the translation files.
* Update README files
* Fix configuration for typos
* Revert language order in documentation
* Remove unnecessary code
* Change language configuration getter
* Fix phpstan error
* Fix typo
* Add types
* escape regex
* Move language logic to avoid magic or deprecated methods
* Minor fix on regex
* Add a new hook in the UI
The new hook allows extension to add their own tool bar to navigate between
entries. For instance, if the user wants less or more buttons that what's
available by default.
See #7912
See #7913
* add link data to ease navigation
Extension can now define their hook priority. This will allow to define the order in which hooks are triggered.
See #7110Closes#7110
Changes proposed in this pull request:
- Add support for extension priority
How to test the feature manually:
1. Create an extension with 2 hooks on the same hook type but different priority
2. The hooks must be prepending the title with different values
3. Validate that changing the hook priority changes the final title accordingly.
* Show warning when unsafe CSP policy is in use
* Fix bare markdown URL
* i18n: fr
* Minor i18n: fr
* Add target="_blank" to i18n strings
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Closes#3789, #6503
Icon setting when no custom icon is set yet:
- `Change...` button opens a file dialog, and after selecting a file shows the chosen icon in the preview on the left. `Submit` must be clicked after selecting the icon.
- `Reset to default` changes the preview icon to the default one, and also requires `Submit` to be clicked to apply the changes.
Full list of changes:
- CSP now includes `blob:` in `img-src` for
- `indexAction()` and `feedAction()` in `subscriptionController.php`
- all of the view actions in `indexController.php`
- Introduce new attribute `customFavicon (boolean)` for feeds that indicates if the feed has a custom favicon
- `hashFavicon()` in `Feed.php` is dependent on this attribute
- `hashFavicon()` has a new parameter called `skipCache (boolean)` that allows the reset of the favicon hash for the Feed object
- `resetFaviconHash()` just calls `hashFavicon(skipCache: true)`
- `f.php` URLs now have the format of `/f.php?h=XXXXX&t=cachebuster`, where the `t` parameter is only used for serving custom favicons
- if `t` parameter is set, `f.php` returns a `Cache-Control: immutable` header
- `stripos` and `strpos` were changed to `str_contains` in various places (refactor)
- JS for handling the custom favicon configuration logic is in `extra.js` inside `init_update_feed()` which is called when feed configuration is opened from the aside or when the subscription management page with the feed is loaded
- Server-side code for uploading the icon in `subscriptionController.php` under `feedAction()`
- Errors that may occur during the setting of a custom favicon:
- Unsupported image file type (handled only server-side with `isImgMime()`)
- When the file is bigger than 1 MiB (default), handled both client-side and server-side
- Standard feed error when `updateFeed()` fails
- JS vars `javascript_vars.phtml` are no longer escaped with `htmlspecialchars()`, instead with json encoding,
- CSS for disabled buttons was added
- Max favicon file size is configurable with the `max_favicon_upload_size` option in `config.php` (not exposed via UI)
- Custom favicons are currently deleted only when they are either reset to the default icon, or the feed gets deleted. They do not get deleted when the user deletes their account without removing their feeds first.
- ` faviconPrepare()` and `faviconRebuild()` are not allowed to be called when the `customFavicon` attribute is `true`
- New i18n strings:
- `'sub.feed.icon' => 'Icon'`
- `'sub.feed.change_favicon' => 'Change…'`
- `'sub.feed.reset_favicon' => 'Reset to default'`
- `'sub.feed.favicon_changed_by_ext' => 'The icon has been set by the <b>%s</b> extension.'`
- `'feedback.sub.feed.favicon.too_large' => 'Uploaded icon is too large. The maximum file size is <em>%s</em>.'`
- `'feedback.sub.feed.favicon.unsupported_format' => 'Unsupported image file format!'`
- Extension hook `custom_favicon_hash`
- `setCustomFavicon()` method
- `resetCustomFavicon()` method
- `customFaviconExt` and `customFaviconDisallowDel` attributes
- example of usage: https://github.com/FreshRSS/Extensions/pull/337
- Extension hook `custom_favicon_btn_url`
- Allows extensions to implement a button for setting a custom favicon for individual feeds by providing an URL. The URL will be sent a POST request with the `extAction` field set to either `query_icon_info` or `update_icon`, along with an `id` field which describes the feed's ID.
* + Exposed the reading modes for extensions through Minz. Now extensions can add a custom view mode. Graceful fallback to normal view in case the extension was disabled without resetting the view_mode through the uninstall method. In that case the user will be informed via Minz_Request::setBadNotification that the view has been reset to normal.
+ Added translation strings for de, en and en-us for the notification
* + Added missing, generated translations
* Simplify indexAction, performance
* Minor settings htmlspecialchars
* i18n: fr
* Minor wording
* Doc
* Fix i18n
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Add API endpoint for extensions
Useful for https://github.com/FreshRSS/FreshRSS/issues/7572
* Support PATH_INFO
Now also support being invoked like `/api/misc.php/Extension%20Name/`
* More documentation
* Update 10_filter.md to provide detailed explanations of the time syntax.
* Update 03_Main_view.md to provide detailed explanations of the time syntax.
* Reworded
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Add documentation for OIDC login via Pocket IT
* Images for the Pocket ID OIDC docs
* Update 16_OpenID-Connect.md
* Recompress images (too big)
* Fix typo and reduce long lines
* Remove advise on changing username
Which only work to some extent with SQLite (breaking a few minor things such as WebSub, API) and not at all with other databases
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
