mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-06-22 09:53:35 +02:00
39 lines
1.7 KiB
YAML
39 lines
1.7 KiB
YAML
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
|
framework:
|
|
secret: '%env(APP_SECRET)%'
|
|
csrf_protection: true
|
|
|
|
# Must be set to true, to enable the change of HTTP methhod via _method parameter, otherwise our delete routines does not work anymore
|
|
# TODO: Rework delete routines to work without _method parameter as it is not recommended anymore (see https://github.com/symfony/symfony/issues/45278)
|
|
http_method_override: true
|
|
|
|
# Allow users to configure trusted hosts via .env variables
|
|
# see https://symfony.com/doc/current/reference/configuration/framework.html#trusted-hosts
|
|
trusted_hosts: '%env(TRUSTED_HOSTS)%'
|
|
|
|
# Allow users to configure reverse proxies via .env variables. Default values are defined in parameters.yaml.
|
|
trusted_proxies: '%env(TRUSTED_PROXIES)%'
|
|
# Trust all headers by default. X-Forwared-Host can be a security risk if your reverse proxy doesn't set it.
|
|
trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'x-forwarded-prefix']
|
|
|
|
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
|
# Remove or comment this section to explicitly disable session support.
|
|
session:
|
|
handler_id: null
|
|
cookie_secure: auto
|
|
cookie_samesite: lax
|
|
storage_factory_id: session.storage.factory.native
|
|
|
|
#esi: true
|
|
#fragments: true
|
|
php_errors:
|
|
log: true
|
|
|
|
form:
|
|
legacy_error_messages: false # Enable to use the new Form component validation messages
|
|
|
|
when@test:
|
|
framework:
|
|
test: true
|
|
session:
|
|
storage_factory_id: session.storage.factory.mock_file
|