summaryrefslogtreecommitdiff
path: root/example/config.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'example/config.yaml')
-rw-r--r--example/config.yaml27
1 files changed, 27 insertions, 0 deletions
diff --git a/example/config.yaml b/example/config.yaml
index 1a8eb8939..f442b62bf 100644
--- a/example/config.yaml
+++ b/example/config.yaml
@@ -428,3 +428,30 @@ syslog-protocol: "udp"
# String. Address:port to send syslog logs to. Leave empty to connect to local syslog.
# Default: "localhost:514"
syslog-address: "localhost:514"
+
+#############################
+##### ADVANCED SETTINGS #####
+#############################
+
+# Advanced settings pertaining to http timeouts, security, cookies, and more.
+#
+# ONLY ADJUST THESE SETTINGS IF YOU KNOW WHAT YOU ARE DOING!
+#
+# Most users will not need to (and should not) touch these settings, since
+# they are set to sensible defaults, and may break if they are changed.
+#
+# Nevertheless, they are provided for the sake of allowing server admins to
+# tweak their instance for performance or security reasons.
+
+# String. Value of the SameSite attribute of cookies set by GoToSocial.
+# Defaults to 'lax' to ensure that the OIDC flow does not break, which is
+# fine in most cases. If you want to harden your instance against CSRF attacks
+# and don't mind if some login-related things might break, you can set this
+# to 'strict' instead.
+#
+# For an overview of what this does, see:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
+#
+# Options: ["lax", "strict"]
+# Default: "lax"
+advanced-cookies-samesite: "lax"
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 16:03:11 +0000