mirror/FreshRSS
0
0
Fork 0
mirror of https://github.com/FreshRSS/FreshRSS.git synced 2026-02-15 07:51:14 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
cc1457ea2cc6f2ee56dfb2bcc30067e10a92a587
FreshRSS/p
History
Inverle 7e5d2d0727 Change Content-Disposition: inline to attachment in f.php (#8344) 
Some [misconfigured instances](https://github.com/FreshRSS/FreshRSS/issues/7835) may be stripping out the CSP header that `f.php` sends, which can be mitigated by forcing the browser to download the image instead of displaying it and executing JS code from unsanitized SVGs for example.

Contributes to https://github.com/FreshRSS/FreshRSS/pull/8263 and https://github.com/FreshRSS/FreshRSS/pull/7924
(improving security when CSP is not present)
2025-12-24 21:35:34 +01:00
..
api
Rework encoding of search filters (#8324)
2025-12-17 10:07:52 +01:00
i
scripts
Fix dropdown menus in sidebar going under the navigation bar (#8336)
2025-12-21 15:37:23 +01:00
themes
Display sidebar dropdowns above if no space below (#8335)
2025-12-21 14:02:27 +01:00
.htaccess
ext.php
f.php
Change Content-Disposition: inline to attachment in f.php (#8344)
2025-12-24 21:35:34 +01:00
favicon.ico
index.html
index.php
robots.txt
Web.config