mirror of https://github.com/FreshRSS/FreshRSS.git
7aaed6092f
* SimplePie strip iframe allow attribute https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe#allow Besides security, the `allow autoplay` atttribute is especially problematic on mobile (Firefox on Android) as it asks to open the YouTube app as soon as the article is opened. Example of code before: ```html <iframe data-original="https://www.youtube.com/embed/??????feature=oembed" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" sandbox="allow-scripts allow-same-origin"></iframe> ``` * Replace allow attribute * Allow more |
||
|---|---|---|
| .. | ||
| Minz | ||
| SimplePie | ||
| core-extensions | ||
| marienfressinaud/lib_opml | ||
| phpgt/cssxpath | ||
| phpmailer/phpmailer | ||
| .gitignore | ||
| .htaccess | ||
| README.md | ||
| composer.json | ||
| favicons.php | ||
| http-conditional.php | ||
| lib_date.php | ||
| lib_install.php | ||
| lib_rss.php | ||
README.md
Libraries
Updating libraries
Some of the libraries in this folder can be updated semi-automatically by invoking:
cd ./FreshRSS/lib/
composer update --no-autoloader
Remember to read the change-logs, proof-read the changes, preserve possible local patches, add irrelevant files to .gitignore (minimal installation), and test before committing.