diff options
| author |  tobi <31960611+tsmethurst@users.noreply.github.com> | 2023-08-20 13:35:55 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-08-20 13:35:55 +0200 |
| commit | 1e2db7a32f72ee01497a08c67e6f7f507890ee71 (patch) | |
| tree | 76a6e64c3897ff183383bdb20b185f42cc462a16 /docs/configuration/advanced.md | |
| parent | [feature] Instance rules (#2125) (diff) | |
| download | gotosocial-1e2db7a32f72ee01497a08c67e6f7f507890ee71.tar.xz | |
[feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs (#2134)
* [feature/bugfix] Probe S3 storage for CSP uri, add config flag for extra URIs
* env parsing tests, my coy mistress
Diffstat (limited to 'docs/configuration/advanced.md')
| -rw-r--r-- | docs/configuration/advanced.md | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/docs/configuration/advanced.md b/docs/configuration/advanced.md index 07e3376d5..530b75f0f 100644 --- a/docs/configuration/advanced.md +++ b/docs/configuration/advanced.md @@ -118,4 +118,22 @@ advanced-throttling-retry-after: "30s" # 2 cpu = 1 concurrent sender # 4 cpu = 1 concurrent sender advanced-sender-multiplier: 2 + +# Array of string. Extra URIs to add to 'img-src' and 'media-src' +# when building the Content-Security-Policy header for your instance. +# +# This can be used to allow the browser to load resources from additional +# sources like S3 buckets and so on when viewing your instance's pages +# and profiles in the browser. +# +# Since non-proxying S3 storage will be probed on instance launch to +# generate a correct Content-Security-Policy, you probably won't need +# to ever touch this setting, but it's included in the 'spirit of more +# configurable (usually) means more good'. +# +# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP +# +# Example: ["s3.example.org", "some-bucket-name.s3.example.org"] +# Default: [] +advanced-csp-extra-uris: [] ``` |