diff --git a/README.md b/README.md index 48393435..4c6b987c 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ Features - Provides full-text search (powered by Postgres). - Available in 20 languages: Portuguese (Brazilian), Chinese (Simplified and Traditional), Dutch, English (US), Finnish, French, German, Greek, Hindi, Indonesian, Italian, Japanese, Polish, Romanian, Russian, Taiwanese POJ, Ukrainian, Spanish, and Turkish. -### Privacy +### Privacy and Security - Removes pixel trackers. - Strips tracking parameters from URLs (e.g., `utm_source`, `utm_medium`, `utm_campaign`, `fbclid`, etc.). @@ -33,6 +33,8 @@ Features - Plays YouTube videos via the privacy-focused domain `youtube-nocookie.com`. - Supports alternative YouTube video players such as [Invidious](https://invidio.us). - Blocks external JavaScript to prevent tracking and enhance security. +- Sanitizes external content before rendering it. +- Enforces a [Content Security](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) and a [Trusted Types Policy](https://developer.mozilla.org/en-US/docs/Web/API/Trusted_Types_API) to only application JavaScript and blocks inline scripts and styles. ### Bot Protection Bypass Mechanisms @@ -97,13 +99,15 @@ Features - Allows the use of custom SSL certificates. - Supports [HTTP/2](https://en.wikipedia.org/wiki/HTTP/2) when TLS is enabled. - Updates feeds in the background using an internal scheduler or a traditional cron job. -- Sanitizes external content before rendering it. -- Enforces a [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) that permits only application JavaScript and blocks inline scripts and styles. - Uses native lazy loading for images and iframes. - Compatible only with modern browsers. - Adheres to the [Twelve-Factor App](https://12factor.net/) methodology. - Provides official Debian/RPM packages and pre-built binaries. - Publishes a Docker image to Docker Hub, GitHub Registry, and Quay.io Registry, with ARM architecture support. +- Uses a limited amount of third-party go dependencies +- Has a comprehensive testsuite, with both unit tests and integration tests. +- Only uses a couple of MB of memory and a negligible amount of CPU, even with several hundreds of feeds. +- Respects/sends Last-Modified, If-Modified-Since, If-None-Match, Cache-Control, Expires and ETags headers, and has a default polling interval of 1h. Documentation -------------