mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-08-29 22:30:01 +02:00
247fed7d74
Some checks failed
Build assets artifact / Build assets artifact (push) Has been cancelled
Docker Image Build / docker (push) Has been cancelled
Docker Image Build (FrankenPHP) / docker (push) Has been cancelled
Static analysis / Static analysis (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, mysql) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, mysql) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, mysql) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, postgres) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, postgres) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, sqlite) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.3, sqlite) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.4, sqlite) (push) Has been cancelled
PHPUnit Tests / PHPUnit and coverage Test (PHP 8.2, postgres) (push) Has been cancelled
40 lines
1.7 KiB
YAML
40 lines
1.7 KiB
YAML
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
|
framework:
|
|
secret: '%env(APP_SECRET)%'
|
|
|
|
# We set this header by ourselves, so we can disable it here
|
|
disallow_search_engine_index: false
|
|
|
|
# Must be set to true, to enable the change of HTTP method via _method parameter, otherwise our delete routines does not work anymore
|
|
# TODO: Rework delete routines to work without _method parameter as it is not recommended anymore (see https://github.com/symfony/symfony/issues/45278)
|
|
http_method_override: true
|
|
|
|
# Allow users to configure trusted hosts via .env variables
|
|
# see https://symfony.com/doc/current/reference/configuration/framework.html#trusted-hosts
|
|
trusted_hosts: '%env(TRUSTED_HOSTS)%'
|
|
|
|
# Allow users to configure reverse proxies via .env variables. Default values are defined in parameters.yaml.
|
|
trusted_proxies: '%env(TRUSTED_PROXIES)%'
|
|
# Trust all headers by default. X-Forwared-Host can be a security risk if your reverse proxy doesn't set it.
|
|
trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'x-forwarded-prefix']
|
|
|
|
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
|
# Remove or comment this section to explicitly disable session support.
|
|
session:
|
|
handler_id: null
|
|
cookie_secure: auto
|
|
cookie_samesite: lax
|
|
|
|
#esi: true
|
|
#fragments: true
|
|
|
|
|
|
form: { csrf_protection: { token_id: 'submit' } }
|
|
csrf_protection:
|
|
stateless_token_ids: ['submit', 'authenticate', 'logout']
|
|
|
|
when@test:
|
|
framework:
|
|
test: true
|
|
session:
|
|
storage_factory_id: session.storage.factory.mock_file
|