mirror of
https://github.com/go-gitea/gitea
synced 2025-10-31 03:18:24 +00:00
ticks
This commit is contained in:
silverwind
@@ -504,7 +504,7 @@ INTERNAL_TOKEN =
|
|||||||
;; In future releases, this will become the default behavior
|
;; In future releases, this will become the default behavior
|
||||||
;DISABLE_QUERY_AUTH_TOKEN = false
|
;DISABLE_QUERY_AUTH_TOKEN = false
|
||||||
;;
|
;;
|
||||||
;; The value of the X-FRAME-OPTIONS header for HTML and API requests. Set to 'false' to remove the header.
|
;; The value of the X-FRAME-OPTIONS header for HTML and API requests. Set to "false" to remove the header.
|
||||||
;X_FRAME_OPTIONS = SAMEORIGIN
|
;X_FRAME_OPTIONS = SAMEORIGIN
|
||||||
|
|
||||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||||
|
|||||||
@@ -583,7 +583,7 @@ And the following unique queues:
|
|||||||
- `PASSWORD_CHECK_PWN`: **false**: Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed.
|
- `PASSWORD_CHECK_PWN`: **false**: Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed.
|
||||||
- `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**: Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security.
|
- `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**: Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security.
|
||||||
- `DISABLE_QUERY_AUTH_TOKEN`: **false**: Reject API tokens sent in URL query string (Accept Header-based API tokens only). This setting will default to `true` in Gitea 1.23 and be deprecated in Gitea 1.24.
|
- `DISABLE_QUERY_AUTH_TOKEN`: **false**: Reject API tokens sent in URL query string (Accept Header-based API tokens only). This setting will default to `true` in Gitea 1.23 and be deprecated in Gitea 1.24.
|
||||||
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: The value of the X-FRAME-OPTIONS header for HTML and API requests. Set to 'false' to remove the header.
|
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: The value of the X-FRAME-OPTIONS header for HTML and API requests. Set to `false to remove the header.
|
||||||
|
|
||||||
## Camo (`camo`)
|
## Camo (`camo`)
|
||||||
|
|
||||||
|
|||||||
@@ -551,7 +551,7 @@ Gitea 创建以下非唯一队列:
|
|||||||
- off - 不检查密码复杂性
|
- off - 不检查密码复杂性
|
||||||
- `PASSWORD_CHECK_PWN`: **false**:检查密码是否在 [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) 中曝光。
|
- `PASSWORD_CHECK_PWN`: **false**:检查密码是否在 [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) 中曝光。
|
||||||
- `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**:缓存成功的令牌哈希。API 令牌在数据库中存储为 pbkdf2 哈希,但这意味着在存在多个 API 操作时可能会有显着的哈希负载。此缓存将在 LRU 缓存中存储成功的哈希令牌,以在性能和安全性之间保持平衡。
|
- `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**:缓存成功的令牌哈希。API 令牌在数据库中存储为 pbkdf2 哈希,但这意味着在存在多个 API 操作时可能会有显着的哈希负载。此缓存将在 LRU 缓存中存储成功的哈希令牌,以在性能和安全性之间保持平衡。
|
||||||
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: HTML 和 API 请求的 X-FRAME-OPTIONS 标头的值。 设置为“false”以删除标头。
|
- `X_FRAME_OPTIONS`: **SAMEORIGIN**: HTML 和 API 请求的 X-FRAME-OPTIONS 标头的值。 设置为`false`以删除标头。
|
||||||
|
|
||||||
## Camo (`camo`)
|
## Camo (`camo`)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user