FreshRSS
[ImageProxy] Domain whitelist
Default behaviour breaks images that load from internal domains, currently there is no way from within FreshRSS to prevent such domains from going through the configured proxy.
Unless I'm missing something I don't think that would help much. Mixed content is blocked after all.
The internal domains are using custom certs, things load properly when done directly.
I'm not opposed to adding a whitelist, but in that case the more obvious solution would seem to be to use the default settings (i.e., don't force proxy HTTPS).
I'm mainly interested in caching and allowing intranet clients to be able to view articles without requiring internet access.
I think a simple comma-separated text input (with explode()) should probably do the trick?
I mean around here: https://github.com/FreshRSS/Extensions/blob/9f21984b8c9e75c48496d285795953642a8ec977/xExtension-ImageProxy/extension.php#L72C1-L74C73
Along these lines (NB untested pseudocode, might accidentally run correctly :-)
$whitelist = "bla.bla,bleep.bla"; // but from userConf
$parsed_url = parse_url($url);
$scheme = isset($parsed_url['scheme']) ? $parsed_url['scheme'] : null;
$host = isset($parsed_url['host']) ? $parsed_url['host'] : null;
if ($host && in_array($host, explode(',', $whitelist))) {
return $url;
Please feel free to test and PR; I don't have time to atm and I don't know if I will this week.
There is an additional use case for this feature: The https://wsrv.nl service blocks certain domains from being proxied.
An example is the following: https://wsrv.nl/?url=i0.wp.com%2Fwww.omgubuntu.co.uk%2Fwp-content%2Fuploads%2F2025%2F08%2Flrr-july.jpg%3Fresize%3D406%252C232%26ssl%3D1
A list of ignored URLs would be helpful for such blocked domains.
@sliverc That's the exact scenario that I ran into which I opened this feature request for. Even when self-hosting wsrv, it still refuses certain domains, namely ones within private IP ranges.