Is your feature request related to a problem?
A less restricted view was first requested in #2426.
However, stickz worries that users may fall victim to phishing attacks if we show <a> links as in #2429.
Additionally, there is also a privacy threat when trying to show <img> resources from an unknown source in the browser.
We need more security features to protect against things like malware and child exploitation, before we can allow relaxing the RSS sanitation level changes --- stickz
Describe the solution you'd like
In my opinion, providing an option to show <a> links is reasonable since the user can hover the link to see where it leads.
On the other hand, <img> should not be fetched unless the request is proxied.
We can use GD to remove EXIF data from images before displaying them. However, we would need to create a new plugin and consider temporarily caching the processed images. https://www.php.net/manual/en/book.image.php
Links should only be trusted (by default) if they belong to the domain of the RSS feed. We can distribute a whitelist file with preset values such as https://www.imdb.com/ so users can read movie reviews. noreferrer should be added to links for privacy.
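One way to implement the rules proposed in this issue (links trusted only on the feed's domain or a whitelist, with noreferrer added; images never fetched directly but routed through a proxy; EXIF stripped with GD before serving), as an added example that is not the project's own code. It assumes PHP 8 with the dom and gd extensions, a hypothetical `action.php?fetchurl=` proxy endpoint, and a constructed whitelist containing only https://www.imdb.com/.

```php
<?php
// Added example, not the project's code: sanitization rules proposed in the
// issue. Assumes PHP 8 with ext-dom and ext-gd, a hypothetical proxy endpoint
// "action.php?fetchurl=", and a constructed whitelist.
declare(strict_types=1);

/** Domains trusted in addition to the feed's own domain (constructed sample). */
const TRUSTED_DOMAINS = ['www.imdb.com'];

/** Parse an absolute http(s) URL; null for relative, javascript:, data:, etc. */
function parseHttpUrl(string $url): ?array
{
    $parts = parse_url(trim($url));
    if ($parts === false || empty($parts['host'])) {
        return null;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    return ($scheme === 'http' || $scheme === 'https') ? $parts : null;
}

/** True if $host equals $domain or is a subdomain of it. */
function hostMatches(string $host, string $domain): bool
{
    $host = strtolower($host);
    $domain = strtolower($domain);
    return $host === $domain || str_ends_with($host, '.' . $domain);
}

/** A link is trusted only if its host is the feed's domain or whitelisted. */
function isTrustedLink(string $url, string $feedDomain): bool
{
    $parts = parseHttpUrl($url);
    if ($parts === null) {
        return false;
    }
    foreach (array_merge([$feedDomain], TRUSTED_DOMAINS) as $domain) {
        if (hostMatches($parts['host'], $domain)) {
            return true;
        }
    }
    return false;
}

/**
 * Rewrite item HTML: untrusted <a> are reduced to their text, trusted <a> get
 * rel="noreferrer noopener", and every <img> goes through the proxy so the
 * browser never contacts the image host (and leaks its IP/referrer) directly.
 */
function sanitizeItemHtml(string $html, string $feedDomain): string
{
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);            // feed HTML is rarely well-formed
    $doc->loadHTML(
        '<?xml encoding="utf-8"?><div>' . $html . '</div>',
        LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD
    );
    libxml_clear_errors();

    // Copy the live node lists first, because the loops mutate the tree.
    foreach (iterator_to_array($doc->getElementsByTagName('a')) as $a) {
        if (isTrustedLink($a->getAttribute('href'), $feedDomain)) {
            $a->setAttribute('rel', 'noreferrer noopener');
            $a->setAttribute('target', '_blank');
        } else {
            // Keep the visible text so the item still reads naturally.
            $a->parentNode->replaceChild($doc->createTextNode($a->textContent), $a);
        }
    }
    foreach (iterator_to_array($doc->getElementsByTagName('img')) as $img) {
        $src = $img->getAttribute('src');
        if (parseHttpUrl($src) === null) {
            $img->parentNode->removeChild($img);  // nothing the proxy could fetch
            continue;
        }
        $img->setAttribute('src', 'action.php?fetchurl=' . rawurlencode($src));
        $img->removeAttribute('srcset');          // would bypass the proxy otherwise
    }

    $out = '';
    foreach ($doc->getElementsByTagName('div')->item(0)->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

/**
 * Re-encode an image with GD before the proxy serves it. GD decodes pixels
 * only, so EXIF/XMP/ICC blocks (GPS position, camera serial, ...) are not
 * copied to the output. Always emits JPEG here, so PNG transparency is lost;
 * a real plugin would keep the source format.
 */
function stripImageMetadata(string $bytes): ?string
{
    $im = @imagecreatefromstring($bytes);
    if ($im === false) {
        return null;                              // not a GD-decodable image
    }
    ob_start();
    imagejpeg($im, null, 85);
    return ob_get_clean();
}

// Constructed sample item from a feed hosted on example.org. The second link
// is the phishing case: its text claims example.org but it points elsewhere.
$sample = '<p>Review on <a href="https://www.imdb.com/title/example/">IMDb</a>, '
    . 'mirror at <a href="https://evil.example.net/login">example.org</a>, '
    . '<img src="https://tracker.example.net/pixel.gif" srcset="p2.gif 2x"> '
    . '<a href="https://example.org/t/1.torrent">download</a></p>';
echo sanitizeItemHtml($sample, 'example.org'), PHP_EOL;
```

Run with `php sanitize.php`: the IMDb and example.org links survive with `rel="noreferrer noopener"`, the evil.example.net link collapses to the plain text "example.org", and the tracking pixel is rewritten to `action.php?fetchurl=https%3A%2F%2Ftracker.example.net%2Fpixel.gif` with its `srcset` removed. The proxy endpoint itself is expected to apply the same host check before fetching, run the bytes through `stripImageMetadata()`, and cache the result as the issue suggests.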
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Suggestions by stickz:
Further security/privacy feature ideas by me:
- (public, private) for individual RSS feeds, instead of Secure and Insecure
- action.php?fetchurl=...
- guid (opened with dblclick) or the torrenturl matches the RSS feed domain
Additional context
Novik suggested to add noreferrer to links #2426 (comment)