mirror of
https://github.com/YunoHost-Apps/etherpad_ynh.git
synced 2024-09-03 18:36:10 +02:00
Update settings.json
This commit is contained in:
parent
9d8fb75370
commit
bb455ca6d8
1 changed files with 69 additions and 5 deletions
|
@ -204,8 +204,8 @@
|
||||||
"showChat": true,
|
"showChat": true,
|
||||||
"showLineNumbers": true,
|
"showLineNumbers": true,
|
||||||
"useMonospaceFont": false,
|
"useMonospaceFont": false,
|
||||||
"userName": false,
|
"userName": null,
|
||||||
"userColor": false,
|
"userColor": null,
|
||||||
"rtl": false,
|
"rtl": false,
|
||||||
"alwaysShowChat": false,
|
"alwaysShowChat": false,
|
||||||
"chatAndUsers": false,
|
"chatAndUsers": false,
|
||||||
|
@ -333,6 +333,22 @@
|
||||||
* Settings controlling the session cookie issued by Etherpad.
|
* Settings controlling the session cookie issued by Etherpad.
|
||||||
*/
|
*/
|
||||||
"cookie": {
|
"cookie": {
|
||||||
|
/*
|
||||||
|
* How often (in milliseconds) the key used to sign the express_sid cookie
|
||||||
|
* should be rotated. Long rotation intervals reduce signature verification
|
||||||
|
* overhead (because there are fewer historical keys to check) and database
|
||||||
|
* load (fewer historical keys to store, and less frequent queries to
|
||||||
|
* get/update the keys). Short rotation intervals are slightly more secure.
|
||||||
|
*
|
||||||
|
* Multiple Etherpad processes sharing the same database (table) is
|
||||||
|
* supported as long as the clock sync error is significantly less than this
|
||||||
|
* value.
|
||||||
|
*
|
||||||
|
* Key rotation can be disabled (not recommended) by setting this to 0 or
|
||||||
|
* null, or by disabling session expiration (see sessionLifetime).
|
||||||
|
*/
|
||||||
|
"keyRotationInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Value of the SameSite cookie property. "Lax" is recommended unless
|
* Value of the SameSite cookie property. "Lax" is recommended unless
|
||||||
* Etherpad will be embedded in an iframe from another site, in which case
|
* Etherpad will be embedded in an iframe from another site, in which case
|
||||||
|
@ -344,7 +360,51 @@
|
||||||
* significant usability drawbacks vs. "Lax". See
|
* significant usability drawbacks vs. "Lax". See
|
||||||
* https://stackoverflow.com/q/41841880 for discussion.
|
* https://stackoverflow.com/q/41841880 for discussion.
|
||||||
*/
|
*/
|
||||||
"sameSite": "Lax"
|
"sameSite": "Lax",
|
||||||
|
|
||||||
|
/*
|
||||||
|
* How long (in milliseconds) after navigating away from Etherpad before the
|
||||||
|
* user is required to log in again. (The express_sid cookie is set to
|
||||||
|
* expire at time now + sessionLifetime when first created, and its
|
||||||
|
* expiration time is periodically refreshed to a new now + sessionLifetime
|
||||||
|
* value.) If requireAuthentication is false then this value does not really
|
||||||
|
* matter.
|
||||||
|
*
|
||||||
|
* The "best" value depends on your users' usage patterns and the amount of
|
||||||
|
* convenience you desire. A long lifetime is more convenient (users won't
|
||||||
|
* have to log back in as often) but has some drawbacks:
|
||||||
|
* - It increases the amount of state kept in the database.
|
||||||
|
* - It might weaken security somewhat: The cookie expiration is refreshed
|
||||||
|
* indefinitely without consulting authentication or authorization
|
||||||
|
* hooks, so once a user has accessed a pad, the user can continue to
|
||||||
|
* use the pad until the user leaves for longer than sessionLifetime.
|
||||||
|
* - More historical keys (sessionLifetime / keyRotationInterval) must be
|
||||||
|
* checked when verifying signatures.
|
||||||
|
*
|
||||||
|
* Session lifetime can be set to infinity (not recommended) by setting this
|
||||||
|
* to null or 0. Note that if the session does not expire, most browsers
|
||||||
|
* will delete the cookie when the browser exits, but a session record is
|
||||||
|
* kept in the database forever.
|
||||||
|
*/
|
||||||
|
"sessionLifetime": 864000000, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
||||||
|
|
||||||
|
/*
|
||||||
|
* How long (in milliseconds) before the expiration time of an active user's
|
||||||
|
* session is refreshed (to now + sessionLifetime). This setting affects the
|
||||||
|
* following:
|
||||||
|
* - How often a new session expiration time will be written to the
|
||||||
|
* database.
|
||||||
|
* - How often each user's browser will ping the Etherpad server to
|
||||||
|
* refresh the expiration time of the session cookie.
|
||||||
|
*
|
||||||
|
* High values reduce the load on the database and the load from browsers,
|
||||||
|
* but can shorten the effective session lifetime if Etherpad is restarted
|
||||||
|
* or the user navigates away.
|
||||||
|
*
|
||||||
|
* Automatic session refreshes can be disabled (not recommended) by setting
|
||||||
|
* this to null.
|
||||||
|
*/
|
||||||
|
"sessionRefreshInterval": 86400000 // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
|
||||||
},
|
},
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -519,7 +579,6 @@
|
||||||
"points": 10
|
"points": 10
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Toolbar buttons configuration.
|
* Toolbar buttons configuration.
|
||||||
*
|
*
|
||||||
|
@ -563,5 +622,10 @@
|
||||||
"customLocaleStrings": {},
|
"customLocaleStrings": {},
|
||||||
|
|
||||||
/* Disable Admin UI tests */
|
/* Disable Admin UI tests */
|
||||||
"enableAdminUITests": false
|
"enableAdminUITests": false,
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Enable/Disable case-insensitive pad names.
|
||||||
|
*/
|
||||||
|
"lowerCasePadIds": false
|
||||||
}
|
}
|
||||||
|
|
Loading…
Add table
Reference in a new issue