mirror of https://github.com/FreshRSS/FreshRSS.git
7aaed6092f
* SimplePie strip iframe allow attribute https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#allow Besides security, the `allow autoplay` atttribute is especially problematic on mobile (Firefox on Android) as it asks to open the YouTube app as soon as the article is opened. Example of code before: ```html <iframe data-original="https://www.youtube.com/embed/??????feature=oembed" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" sandbox="allow-scripts allow-same-origin"></iframe> ``` * Replace allow attribute * Allow more |
||
---|---|---|
.. | ||
Minz | ||
SimplePie | ||
core-extensions | ||
marienfressinaud/lib_opml | ||
phpgt/cssxpath | ||
phpmailer/phpmailer | ||
.gitignore | ||
.htaccess | ||
README.md | ||
composer.json | ||
favicons.php | ||
http-conditional.php | ||
lib_date.php | ||
lib_install.php | ||
lib_rss.php |
README.md
Libraries
Updating libraries
Some of the libraries in this folder can be updated semi-automatically by invoking:
cd ./FreshRSS/lib/
composer update --no-autoloader
Remember to read the change-logs, proof-read the changes, preserve possible local patches, add irrelevant files to .gitignore
(minimal installation), and test before committing.