feat: add allow insecure connections toggle in system settings

Block ws:// relay connections and http:// resource loading by default to prevent browser mixed content warnings. When blocked, resources show clickable URL links instead of error placeholders so users can open them manually. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-21 23:12:09 +08:00 · 2026-03-21 23:12:09 +08:00 · 3b4a2ba2d3
commit 3b4a2ba2d3
parent c9bd7ca7d7
29 changed files with 156 additions and 24 deletions
--- a/src/services/local-storage.service.ts
+++ b/src/services/local-storage.service.ts
@ -63,6 +63,7 @@ class LocalStorageService {
  private enableSingleColumnLayout: boolean = true
  private faviconUrlTemplate: string = DEFAULT_FAVICON_URL_TEMPLATE
  private filterOutOnionRelays: boolean = !isTorBrowser()
+  private allowInsecureConnection: boolean = false
  private quickReaction: boolean = false
  private quickReactionEmoji: string | TEmoji = '+'
  private nsfwDisplayPolicy: TNsfwDisplayPolicy = NSFW_DISPLAY_POLICY.HIDE_CONTENT
@ -253,6 +254,9 @@ class LocalStorageService {
      this.filterOutOnionRelays = filterOutOnionRelaysStr !== 'false'
    }

+    this.allowInsecureConnection =
+      window.localStorage.getItem(StorageKey.ALLOW_INSECURE_CONNECTION) === 'true'
+
    this.quickReaction = window.localStorage.getItem(StorageKey.QUICK_REACTION) === 'true'
    const quickReactionEmojiStr =
      window.localStorage.getItem(StorageKey.QUICK_REACTION_EMOJI) ?? '+'
@ -650,6 +654,15 @@ class LocalStorageService {
    window.localStorage.setItem(StorageKey.FILTER_OUT_ONION_RELAYS, filterOut.toString())
  }

+  getAllowInsecureConnection() {
+    return this.allowInsecureConnection
+  }
+
+  setAllowInsecureConnection(allow: boolean) {
+    this.allowInsecureConnection = allow
+    window.localStorage.setItem(StorageKey.ALLOW_INSECURE_CONNECTION, allow.toString())
+  }
+
  getQuickReaction() {
    return this.quickReaction
  }