* Add a reference to the check where the warning is triggered
Note:
This is the place where the admin sees the browser pointing to.
Adding this information here allows the admin to find the matching
documentation entry.
* Update Content-Security-Policy section of english ServerConfig documentation
Note:
This fixes some minor formating/typping issues and adds some clarity to
the fact that this warning is also triggered on correctly configured
hosts, simply due to the nature of how correctness of CSP rules are checked.
* Move CSP infor source-code comment into console.info
Note:
Improve visibility of why this is happening.
* Point towards static website documentation instead of git
This URL should also remain more fixed even accross new branches/releases.
Co-authored-by: Inverle <inverle@proton.me>
* Minor fixes
* Remove overwrite part
---------
Co-authored-by: Inverle <inverle@proton.me>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
closes https://github.com/FreshRSS/FreshRSS/issues/8405
- Add documentation on how to trust own CA that issued self-signed certificate as authentik signing key
- Add example in Docker Example
How to test the feature manually:
1. Create your own CA
2. Issue a certificate
3. Use the issued certificate as a signing-key in authentik when configuring FreshRSS provider
4. Add created CA on host's CA store by running `update-ca-certificates`
5. Mount the `/etc/ssl/certs/ca-certificates.crt` file on FreshRSS container
6. Start the container
7. Navigate to FreshRSS in the browser
8. Authentik login form should be displayed and work as normal.
* Show warning when unsafe CSP policy is in use
* Fix bare markdown URL
* i18n: fr
* Minor i18n: fr
* Add target="_blank" to i18n strings
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Add API endpoint for extensions
Useful for https://github.com/FreshRSS/FreshRSS/issues/7572
* Support PATH_INFO
Now also support being invoked like `/api/misc.php/Extension%20Name/`
* More documentation
* Add documentation for OIDC login via Pocket IT
* Images for the Pocket ID OIDC docs
* Update 16_OpenID-Connect.md
* Recompress images (too big)
* Fix typo and reduce long lines
* Remove advise on changing username
Which only work to some extent with SQLite (breaking a few minor things such as WebSub, API) and not at all with other databases
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Regex search
fix https://github.com/FreshRSS/FreshRSS/issues/3549
* Fix PHPStan
* Fix escape
* Fix ungreedy
* Initial support for regex search in PostgreSQL and MySQL
* Improvements, support MySQL
* Fix multiline
* Add support for SQLite
* A few tests
* Added author: and inurl: support, documentation
* author example
* Remove \b for now
* Disable regex sanitization for now
* Fix getInurlRegex
* getNotInurlRegex
* Quotes for inurl:
* Fix test
* Fix quoted tags + regex for tags
https://github.com/FreshRSS/FreshRSS/issues/6761
* Fix wrong regex detection
* Add MariaDB
* Fix logic
* Increase requirements for MySQL and MariaDB
Check support for multiline mode in MySQL
* Remove sanitizeRegexes()
* Allow searching HTML code
Allow searching for instance `/<pre>/`
Fix https://github.com/FreshRSS/FreshRSS/issues/6775#issuecomment-2331769883
* Doc regex search HTML
* Fix Doctype
* Fix OIDC session params definition
- standardize environment variable names
- group all in the same configuration file
- use mod_auth_openidc default values
- fix `OIDCSessionMaxDuration` because it was not set with the previous
code
- add documentation
* Add double quoting to prevent globbing and word splitting
* Revert line deleted by mistake
* CLI database backup and restore
Can also be used to migrate from one database to another (e.g. MySQL to PostgreSQL) or to ease upgrade to a major PostgreSQL version (e.g. 15 to 16).
* +x
* Fix some cases
* Update to docker-compose-v2
* More documentation
* Update 16_OpenID-Connect-Authentik.md
updated docs
* Add files via upload
* Update 16_OpenID-Connect-Authentik.md
Updated documentation with many clarifications. The most important one is the redirect URL which must include the port or it will not work. To ensure compatibility, I have recommended both URLs be added, with and without the port. Example docker-compose also added with traefik reverse proxy.
* Reduce screenshot size
* Fixes and improvements
* Allow changing auth to HTTP
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Fix ignored TRUSTED_PROXY issue
* Add a sub-section to the docs no property mappings for Authentik
* Typo
* Fix typing
* A few changes to the doc
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
* Use RemoteIPInternalProxy directive of remoteip Apache module
instead of RemoteIPTrustedProxy directive
To allow internal IPs to be trusted: for internal clients,
and also for the case of chained internal reverse-proxies
Fixes#5726
* One last reference forgotten
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
