X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Fdefault.php;h=b1079a907ce90ed52c2601bebd6624ea2ce15596;hb=f0480c34d7e3d528fc559568ce6ac53c3b33f8f9;hp=490553f80b21ea1163cd4e995f8a284b18d985a6;hpb=3013b84e9833882fbc3e98df0758c56c3e0ba25c;p=quix0rs-gnu-social.git diff --git a/lib/default.php b/lib/default.php index 490553f80b..b1079a907c 100644 --- a/lib/default.php +++ b/lib/default.php @@ -36,9 +36,9 @@ $default = 'theme' => 'neo-gnu', 'path' => $_path, 'logfile' => null, + 'logdebug' => false, 'logo' => null, 'ssllogo' => null, - 'logdebug' => false, 'logperf' => false, // Enable to dump performance counters to syslog 'logperf_detail' => false, // Enable to dump every counter hit 'fancy' => false, @@ -56,6 +56,7 @@ $default = 'inviteonly' => true, 'private' => false, 'ssl' => 'never', + 'sslproxy' => false, // set to true to force GNU social to think it is HTTPS (i.e. using reverse proxy to enable it) 'sslserver' => null, 'dupelimit' => 60, // default for same person saying the same thing 'textlimit' => 1000, // in chars; 0 == no limit @@ -64,6 +65,9 @@ $default = 'notice' => null, // site wide notice text 'build' => 1, // build number, for code-dependent cache ), + 'security' => + array('hash_algos' => ['sha1', 'sha256', 'sha512'], // set to null for anything that hash_hmac() can handle (and is in hash_algos()) + ), 'db' => array('database' => null, // must be set 'schema_location' => INSTALLDIR . '/classes', @@ -80,6 +84,13 @@ $default = 'log_queries' => false, // true to log all DB queries 'log_slow_queries' => 0, // if set, log queries taking over N seconds 'mysql_foreign_keys' => false), // if set, enables experimental foreign key support on MySQL + 'fix' => + array('fancyurls' => true, // makes sure aliases in WebFinger etc. are not f'd by index.php/ URLs + 'legacy_http' => false, // set this to true if you have upgraded your site from http=>https + ), + 'log' => [ + 'debugtrace' => false, // index.php handleError function, whether to include exception backtrace in log + ], 'syslog' => array('appname' => 'statusnet', # for syslog 'priority' => 'debug', # XXX: currently ignored @@ -128,7 +139,8 @@ $default = array('banned' => array(), 'biolimit' => null, 'changenick' => false, - 'backup' => true, + 'allowprivate' => false, // whether to allow setting stream to private ("only followers can read") + 'backup' => false, // can cause DoS, so should be done via CLI 'restore' => false, 'delete' => false, 'move' => true), @@ -140,11 +152,10 @@ $default = 'path' => $_path . '/avatar/', 'ssl' => null, 'maxsize' => 300), - 'background' => - array('server' => null, - 'dir' => INSTALLDIR . '/background/', - 'path' => $_path . '/background/', - 'ssl' => null), + 'foaf' => + array( + 'mbox_sha1sum' => false, + ), 'public' => array('localonly' => false, 'blacklist' => array(), @@ -209,7 +220,10 @@ $default = array('default' => null, 'welcome' => null), 'linkify' => array( + // "bare" below means "without schema", like domain.com vs. https://domain.com 'bare_domains' => false, // convert domain.com to domain.com ? + 'bare_ipv4' => false, // convert IPv4 addresses to hyperlinks? + 'bare_ipv6' => false, // convert IPv6 addresses to hyperlinks? ), 'attachments' => array('server' => null, @@ -234,6 +248,10 @@ $default = 'application/vnd.oasis.opendocument.text-web' => 'oth', 'application/pdf' => 'pdf', 'application/zip' => 'zip', + 'application/x-bzip2' => 'bz2', + 'application/x-go-sgf' => 'sgf', + 'application/xml' => 'xml', + 'application/gpx+xml' => 'gpx', 'image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif', @@ -254,47 +272,57 @@ $default = 'user_quota' => 50000000, 'monthly_quota' => 15000000, 'uploads' => true, - 'filename_base' => 'hash', // for new files, choose one: 'upload', 'hash' 'show_html' => false, // show (filtered) text/html attachments (and oEmbed HTML etc.). Doesn't affect AJAX calls. 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. + 'extblacklist' => [ + 'php' => 'phps', // this turns .php into .phps + 'exe' => false, // this would deny any uploads to keep the "exe" file extension + ], ), - 'thumbnail' => - array('crop' => false, // overridden to true if thumb height === null + 'thumbnail' => [ + 'dir' => null, // falls back to File::path('thumb') (equivalent to ['attachments']['dir'] . '/thumb/') + 'path' => null, // falls back to generating a URL with File::url('thumb/$filename') (equivalent to ['attachments']['path'] . '/thumb/') + 'server' => null, // Only used if ['thumbnail']['path'] is NOT empty, and then it falls back to ['site']['server'], schema is decided from GNUsocial::useHTTPS() + + 'crop' => false, // overridden to true if thumb height === null 'maxsize' => 1000, // thumbs with an edge larger than this will not be generated 'width' => 450, 'height' => 600, - 'animated' => false), // null="UseFileAsThumbnail", false="can use still frame". true requires ImageMagickPlugin + 'upscale' => false, + 'animated' => false, // null="UseFileAsThumbnail", false="can use still frame". true requires ImageMagickPlugin + ], 'application' => array('desclimit' => null), 'group' => array('maxaliases' => 3, 'desclimit' => null, - 'addtag' => false), + 'addtag' => true), 'peopletag' => array('maxtags' => 100, // maximum number of tags a user can create. 'maxpeople' => 500, // maximum no. of people with the same tag by the same user 'allow_tagging' => array('all' => true), // equivalent to array('local' => true, 'remote' => true) 'desclimit' => null), - 'oembed' => - array('endpoint' => null, // 'https://noembed.com/embed/' for proxied oEmbed data - 'order' => array('built-in', 'well-known', 'service', 'discovery'), - ), 'search' => array('type' => 'like'), 'sessions' => array('handle' => false, // whether to handle sessions ourselves 'debug' => false, // debugging output for sessions 'gc_limit' => 1000), // max sessions to expire at a time - 'htmlfilter' => array( // purify HTML through htmLawed + 'htmlfilter' => [ // remove tags from user/remotely generated HTML if they are === true 'img' => true, 'video' => true, 'audio' => true, - ), + ], + 'htmlpurifier' => [ // configurable options for HTMLPurifier + 'Cache.DefinitionImpl' => 'Serializer', + 'Cache.SerializerPath' => implode(DIRECTORY_SEPARATOR, [sys_get_temp_dir(), 'gnusocial']), + ], 'notice' => array('contentlimit' => null, + 'allowprivate' => false, // whether to allow users to "check the padlock" to publish notices available for their subscribers. 'defaultscope' => null, // null means 1 if site/private, 0 otherwise - 'hidespam' => false), // Whether to hide silenced users from timelines + 'hidespam' => true), // Whether to hide silenced users from timelines 'message' => array('contentlimit' => null), 'location' => @@ -310,12 +338,14 @@ $default = 'AuthCrypt' => array(), 'Cronish' => array(), 'Favorite' => array(), + 'HTMLPurifierSchemes' => array(), 'Share' => array(), 'LRDD' => array(), ), 'default' => array( 'Activity' => array(), 'AntiBrute' => array(), + 'Blacklist' => array(), 'Bookmark' => array(), 'ClientSideShorten' => array(), 'DefaultLayout' => array(), @@ -328,7 +358,7 @@ $default = 'OpportunisticQM' => array(), 'OStatus' => array(), 'Poll' => array(), - 'SearchSub' => array(), + 'SimpleCaptcha' => array(), 'TagSub' => array(), 'WebFinger' => array(), ), @@ -362,6 +392,8 @@ $default = array('ssl_cafile' => false, // To enable SSL cert validation, point to a CA bundle (eg '/usr/lib/ssl/certs/ca-certificates.crt') (this activates "ssl_verify_peer") 'ssl_verify_host' => true, // HTTPRequest2 makes sure this is set to CURLOPT_SSL_VERIFYHOST==2 if using curl 'curl' => false, // Use CURL backend for HTTP fetches if available. (If not, PHP's socket streams will be used.) + 'connect_timeout' => 5, + 'timeout' => 60, 'proxy_host' => null, 'proxy_port' => null, 'proxy_user' => null,