2020-07-04 23:44:15 +02:00
# see https://symfony.com/doc/current/reference/configuration/framework.html
2019-02-23 16:49:38 +01:00
framework :
secret : '%env(APP_SECRET)%'
2021-10-02 21:23:34 +02:00
csrf_protection : true
2023-12-03 23:04:35 +01:00
annotations : false
2023-05-27 21:02:02 +02:00
handle_all_throwables : true
2022-07-22 00:30:17 +02:00
2023-12-03 23:04:35 +01:00
# We set this header by ourselves, so we can disable it here
2023-08-23 22:01:39 +02:00
disallow_search_engine_index : false
2023-05-27 21:02:02 +02:00
# Must be set to true, to enable the change of HTTP method via _method parameter, otherwise our delete routines does not work anymore
2022-07-22 00:30:17 +02:00
# TODO: Rework delete routines to work without _method parameter as it is not recommended anymore (see https://github.com/symfony/symfony/issues/45278)
http_method_override : true
2019-02-23 16:49:38 +01:00
2022-07-17 22:47:30 +02:00
# Allow users to configure trusted hosts via .env variables
# see https://symfony.com/doc/current/reference/configuration/framework.html#trusted-hosts
trusted_hosts : '%env(TRUSTED_HOSTS)%'
# Allow users to configure reverse proxies via .env variables. Default values are defined in parameters.yaml.
trusted_proxies : '%env(TRUSTED_PROXIES)%'
# Trust all headers by default. X-Forwared-Host can be a security risk if your reverse proxy doesn't set it.
trusted_headers : [ 'x-forwarded-for' , 'x-forwarded-host' , 'x-forwarded-proto' , 'x-forwarded-port' , 'x-forwarded-prefix' ]
2019-02-23 16:49:38 +01:00
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session :
2020-01-07 19:06:08 +01:00
handler_id : null
2019-02-23 16:49:38 +01:00
cookie_secure : auto
cookie_samesite : lax
#esi: true
#fragments: true
php_errors :
log : true
2021-10-02 20:56:49 +02:00
when@test :
framework :
test : true
session :
storage_factory_id : session.storage.factory.mock_file
