Changeset View
Changeset View
Standalone View
Standalone View
src/applications/config/option/PhabricatorSecurityConfigOptions.php
| <?php | <?php | ||||
| final class PhabricatorSecurityConfigOptions | final class PhabricatorSecurityConfigOptions | ||||
| extends PhabricatorApplicationConfigOptions { | extends PhabricatorApplicationConfigOptions { | ||||
| public function getName() { | public function getName() { | ||||
| return pht("Security"); | return pht('Security'); | ||||
| } | } | ||||
| public function getDescription() { | public function getDescription() { | ||||
| return pht("Security options."); | return pht('Security options.'); | ||||
| } | } | ||||
| public function getOptions() { | public function getOptions() { | ||||
| $support_href = PhabricatorEnv::getDoclink('Give Feedback! Get Support!'); | $support_href = PhabricatorEnv::getDoclink('Give Feedback! Get Support!'); | ||||
| return array( | return array( | ||||
| $this->newOption('security.alternate-file-domain', 'string', null) | $this->newOption('security.alternate-file-domain', 'string', null) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary(pht("Alternate domain to serve files from.")) | ->setSummary(pht('Alternate domain to serve files from.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "IMPORTANT: By default, Phabricator serves files from the same ". | "IMPORTANT: By default, Phabricator serves files from the same ". | ||||
| "domain the application lives on. This is convenient but not ". | "domain the application lives on. This is convenient but not ". | ||||
| "secure: it creates a large class of vulnerabilities which can ". | "secure: it creates a large class of vulnerabilities which can ". | ||||
| "not be generally mitigated.\n\n". | "not be generally mitigated.\n\n". | ||||
| "To avoid this, you should configure a second domain in the same ". | "To avoid this, you should configure a second domain in the same ". | ||||
| Show All 12 Lines | return array( | ||||
| ->addExample('http://www.phabricator-files.com/', pht('Valid Setting')), | ->addExample('http://www.phabricator-files.com/', pht('Valid Setting')), | ||||
| $this->newOption( | $this->newOption( | ||||
| 'security.hmac-key', | 'security.hmac-key', | ||||
| 'string', | 'string', | ||||
| '[D\t~Y7eNmnQGJ;rnH6aF;m2!vJ8@v8C=Cs:aQS\.Qw') | '[D\t~Y7eNmnQGJ;rnH6aF;m2!vJ8@v8C=Cs:aQS\.Qw') | ||||
| ->setMasked(true) | ->setMasked(true) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Key for HMAC digests.")) | pht('Key for HMAC digests.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "Default key for HMAC digests where the key is not important ". | 'Default key for HMAC digests where the key is not important '. | ||||
| "(i.e., the hash itself is secret). You can change this if you ". | '(i.e., the hash itself is secret). You can change this if you '. | ||||
| "want (to any other string), but doing so will break existing ". | 'want (to any other string), but doing so will break existing '. | ||||
| "sessions and CSRF tokens.")), | 'sessions and CSRF tokens.')), | ||||
| $this->newOption('security.require-https', 'bool', false) | $this->newOption('security.require-https', 'bool', false) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Force users to connect via HTTPS instead of HTTP.")) | pht('Force users to connect via HTTPS instead of HTTP.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "If the web server responds to both HTTP and HTTPS requests but ". | "If the web server responds to both HTTP and HTTPS requests but ". | ||||
| "you want users to connect with only HTTPS, you can set this ". | "you want users to connect with only HTTPS, you can set this ". | ||||
| "to true to make Phabricator redirect HTTP requests to HTTPS.\n\n". | "to true to make Phabricator redirect HTTP requests to HTTPS.\n\n". | ||||
| "Normally, you should just configure your server not to accept ". | "Normally, you should just configure your server not to accept ". | ||||
| "HTTP traffic, but this setting may be useful if you originally ". | "HTTP traffic, but this setting may be useful if you originally ". | ||||
| Show All 32 Lines | return array( | ||||
| )), | )), | ||||
| $this->newOption( | $this->newOption( | ||||
| 'phabricator.csrf-key', | 'phabricator.csrf-key', | ||||
| 'string', | 'string', | ||||
| '0b7ec0592e0a2829d8b71df2fa269b2c6172eca3') | '0b7ec0592e0a2829d8b71df2fa269b2c6172eca3') | ||||
| ->setMasked(true) | ->setMasked(true) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Hashed with other inputs to generate CSRF tokens.")) | pht('Hashed with other inputs to generate CSRF tokens.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "This is hashed with other inputs to generate CSRF tokens. If ". | 'This is hashed with other inputs to generate CSRF tokens. If '. | ||||
| "you want, you can change it to some other string which is ". | 'you want, you can change it to some other string which is '. | ||||
| "unique to your install. This will make your install more secure ". | 'unique to your install. This will make your install more secure '. | ||||
| "in a vague, mostly theoretical way. But it will take you like 3 ". | 'in a vague, mostly theoretical way. But it will take you like 3 '. | ||||
| "seconds of mashing on your keyboard to set it up so you might ". | 'seconds of mashing on your keyboard to set it up so you might '. | ||||
| "as well.")), | 'as well.')), | ||||
| $this->newOption( | $this->newOption( | ||||
| 'phabricator.mail-key', | 'phabricator.mail-key', | ||||
| 'string', | 'string', | ||||
| '5ce3e7e8787f6e40dfae861da315a5cdf1018f12') | '5ce3e7e8787f6e40dfae861da315a5cdf1018f12') | ||||
| ->setMasked(true) | ->setMasked(true) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Hashed with other inputs to generate mail tokens.")) | pht('Hashed with other inputs to generate mail tokens.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "This is hashed with other inputs to generate mail tokens. If ". | "This is hashed with other inputs to generate mail tokens. If ". | ||||
| "you want, you can change it to some other string which is ". | "you want, you can change it to some other string which is ". | ||||
| "unique to your install. In particular, you will want to do ". | "unique to your install. In particular, you will want to do ". | ||||
| "this if you accidentally send a bunch of mail somewhere you ". | "this if you accidentally send a bunch of mail somewhere you ". | ||||
| "shouldn't have, to invalidate all old reply-to addresses.")), | "shouldn't have, to invalidate all old reply-to addresses.")), | ||||
| $this->newOption( | $this->newOption( | ||||
| 'uri.allowed-protocols', | 'uri.allowed-protocols', | ||||
| 'set', | 'set', | ||||
| array( | array( | ||||
| 'http' => true, | 'http' => true, | ||||
| 'https' => true, | 'https' => true, | ||||
| 'mailto' => true, | 'mailto' => true, | ||||
| )) | )) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Determines which URI protocols are auto-linked.")) | pht('Determines which URI protocols are auto-linked.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "When users write comments which have URIs, they'll be ". | "When users write comments which have URIs, they'll be ". | ||||
| "automatically linked if the protocol appears in this set. This ". | "automatically linked if the protocol appears in this set. This ". | ||||
| "whitelist is primarily to prevent security issues like ". | "whitelist is primarily to prevent security issues like ". | ||||
| "javascript:// URIs.")) | "javascript:// URIs.")) | ||||
| ->addExample("http\nhttps", pht('Valid Setting')) | ->addExample("http\nhttps", pht('Valid Setting')) | ||||
| ->setLocked(true), | ->setLocked(true), | ||||
| Show All 32 Lines | return array( | ||||
| "list, [[ %s | let us know ]] and we'll update the defaults.)", | "list, [[ %s | let us know ]] and we'll update the defaults.)", | ||||
| $support_href)) | $support_href)) | ||||
| ->setLocked(true), | ->setLocked(true), | ||||
| $this->newOption( | $this->newOption( | ||||
| 'celerity.resource-hash', | 'celerity.resource-hash', | ||||
| 'string', | 'string', | ||||
| 'd9455ea150622ee044f7931dabfa52aa') | 'd9455ea150622ee044f7931dabfa52aa') | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("An input to the hash function when building resource hashes.")) | pht('An input to the hash function when building resource hashes.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "This value is an input to the hash function when building ". | 'This value is an input to the hash function when building '. | ||||
| "resource hashes. It has no security value, but if you ". | 'resource hashes. It has no security value, but if you '. | ||||
| "accidentally poison user caches (by pushing a bad patch or ". | 'accidentally poison user caches (by pushing a bad patch or '. | ||||
| "having something go wrong with a CDN, e.g.) you can change this ". | 'having something go wrong with a CDN, e.g.) you can change this '. | ||||
| "to something else and rebuild the Celerity map to break user ". | 'to something else and rebuild the Celerity map to break user '. | ||||
| "caches. Unless you are doing Celerity development, it is ". | 'caches. Unless you are doing Celerity development, it is '. | ||||
| "exceptionally unlikely that you need to modify this.")), | 'exceptionally unlikely that you need to modify this.')), | ||||
| $this->newOption('remarkup.enable-embedded-youtube', 'bool', false) | $this->newOption('remarkup.enable-embedded-youtube', 'bool', false) | ||||
| ->setBoolOptions( | ->setBoolOptions( | ||||
| array( | array( | ||||
| pht("Embed YouTube videos"), | pht('Embed YouTube videos'), | ||||
| pht("Don't embed YouTube videos"), | pht("Don't embed YouTube videos"), | ||||
| )) | )) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Determines whether or not YouTube videos get embedded.")) | pht('Determines whether or not YouTube videos get embedded.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "If you enable this, linked YouTube videos will be embeded ". | "If you enable this, linked YouTube videos will be embeded ". | ||||
| "inline. This has mild security implications (you'll leak ". | "inline. This has mild security implications (you'll leak ". | ||||
| "referrers to YouTube) and is pretty silly (but sort of ". | "referrers to YouTube) and is pretty silly (but sort of ". | ||||
| "awesome).")), | "awesome).")), | ||||
| $this->newOption('security.allow-outbound-http', 'bool', true) | $this->newOption('security.allow-outbound-http', 'bool', true) | ||||
| ->setBoolOptions( | ->setBoolOptions( | ||||
| array( | array( | ||||
| pht("Allow"), | pht('Allow'), | ||||
| pht("Disallow"), | pht('Disallow'), | ||||
| )) | )) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary( | ->setSummary( | ||||
| pht("Allow outbound HTTP requests")) | pht('Allow outbound HTTP requests')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| "If you enable this, you are allowing Phabricator to ". | 'If you enable this, you are allowing Phabricator to '. | ||||
| "potentially make requests to external servers.")), | 'potentially make requests to external servers.')), | ||||
| ); | ); | ||||
| } | } | ||||
| protected function didValidateOption( | protected function didValidateOption( | ||||
| PhabricatorConfigOption $option, | PhabricatorConfigOption $option, | ||||
| $value) { | $value) { | ||||
| $key = $option->getKey(); | $key = $option->getKey(); | ||||
| Show All 39 Lines | |||||