Changeset View
Changeset View
Standalone View
Standalone View
src/applications/config/option/PhabricatorSecurityConfigOptions.php
| Show All 37 Lines | $default_address_blacklist = array( | ||||
| '198.18.0.0/15', | '198.18.0.0/15', | ||||
| '198.51.100.0/24', | '198.51.100.0/24', | ||||
| '203.0.113.0/24', | '203.0.113.0/24', | ||||
| '224.0.0.0/4', | '224.0.0.0/4', | ||||
| '240.0.0.0/4', | '240.0.0.0/4', | ||||
| '255.255.255.255/32', | '255.255.255.255/32', | ||||
| ); | ); | ||||
| $keyring_type = 'custom:PhabricatorKeyringConfigOptionType'; | |||||
| $keyring_description = $this->deformat(pht(<<<EOTEXT | |||||
| The keyring stores master encryption keys. For help with configuring a keyring | |||||
| and encryption, see **[[ %s | Configuring Encryption ]]**. | |||||
| EOTEXT | |||||
| , | |||||
| PhabricatorEnv::getDoclink('Configuring Encryption'))); | |||||
| return array( | return array( | ||||
| $this->newOption('security.alternate-file-domain', 'string', null) | $this->newOption('security.alternate-file-domain', 'string', null) | ||||
| ->setLocked(true) | ->setLocked(true) | ||||
| ->setSummary(pht('Alternate domain to serve files from.')) | ->setSummary(pht('Alternate domain to serve files from.')) | ||||
| ->setDescription( | ->setDescription( | ||||
| pht( | pht( | ||||
| 'By default, Phabricator serves files from the same domain '. | 'By default, Phabricator serves files from the same domain '. | ||||
| 'the application is served from. This is convenient, but '. | 'the application is served from. This is convenient, but '. | ||||
| ▲ Show 20 Lines • Show All 217 Lines • ▼ Show 20 Lines | return array( | ||||
| 'over HTTPS, never HTTP. This defuses an attack where an '. | 'over HTTPS, never HTTP. This defuses an attack where an '. | ||||
| 'adversary gains access to your network, then proxies requests '. | 'adversary gains access to your network, then proxies requests '. | ||||
| 'through an unsecured link.'. | 'through an unsecured link.'. | ||||
| "\n\n". | "\n\n". | ||||
| 'Do not enable this option if you serve (or plan to ever serve) '. | 'Do not enable this option if you serve (or plan to ever serve) '. | ||||
| 'unsecured content over plain HTTP. It is very difficult to '. | 'unsecured content over plain HTTP. It is very difficult to '. | ||||
| 'undo this change once users\' browsers have accepted the '. | 'undo this change once users\' browsers have accepted the '. | ||||
| 'setting.')), | 'setting.')), | ||||
| $this->newOption('keyring', $keyring_type, array()) | |||||
| ->setHidden(true) | |||||
| ->setSummary(pht('Configure master encryption keys.')) | |||||
| ->setDescription($keyring_description), | |||||
| ); | ); | ||||
| } | } | ||||
| protected function didValidateOption( | protected function didValidateOption( | ||||
| PhabricatorConfigOption $option, | PhabricatorConfigOption $option, | ||||
| $value) { | $value) { | ||||
| $key = $option->getKey(); | $key = $option->getKey(); | ||||
| ▲ Show 20 Lines • Show All 42 Lines • Show Last 20 Lines | |||||