mirror of https://github.com/miniflux/v2.git synced 2025-06-27 16:36:00 +00:00
Commit graph

9 commits

Author SHA1 Message Date
Frédéric Guillot
036704b3e4 feat(response): change error response content type to plain text and escape HTML
Adding another layer of security in addition to the existing CSP cannot
hurt.
2025-05-11 19:15:54 -07:00
Frédéric Guillot
cb695e653a fix(security): use a more restrictive CSP for untrusted content 2025-03-29 19:49:41 -07:00
Frédéric Guillot
c531be8780 fix: update Content-Security-Policy to use 'sandbox' directive 2025-03-28 13:06:59 -07:00
Frédéric Guillot
3ebeb38ade fix(api): return 500 response when JSON serialization fails 2025-01-30 18:19:50 -08:00
Frédéric Guillot
2c4c845cd2 http/response: add brotli compression support 2024-04-19 12:16:49 -07:00
jvoisin
93c9d43497 http/response: get rid of the X-XSS-Protection header
It's useless at best, dangerous at worst, and shouldn't be used anymore
anywhere. See the following resources for details:

- https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
- https://chromestatus.com/feature/5021976655560704
- https://bugzilla.mozilla.org/show_bug.cgi?id=528661
- https://blogs.windows.com/windows-insider/2018/07/25/announcing-windows-10-insider-preview-build-17723-and-build-18204/
2024-03-24 13:45:38 -07:00
jinmiaoluo
fd69012357 Correct the timestamp format for Expires response header 2023-10-13 20:21:58 -07:00
Frédéric Guillot
c0e954f19d Implement structured logging using log/slog package 2023-09-24 22:37:33 -07:00
Frédéric Guillot
168a870c02 Move internal packages to an internal folder
For reference: https://go.dev/doc/go1.4#internalpackages
2023-08-10 20:29:34 -07:00