Changeset View
Changeset View
Standalone View
Standalone View
src/applications/config/option/PhabricatorSecurityConfigOptions.php
Show All 37 Lines | $default_address_blacklist = array( | ||||
'198.18.0.0/15', | '198.18.0.0/15', | ||||
'198.51.100.0/24', | '198.51.100.0/24', | ||||
'203.0.113.0/24', | '203.0.113.0/24', | ||||
'224.0.0.0/4', | '224.0.0.0/4', | ||||
'240.0.0.0/4', | '240.0.0.0/4', | ||||
'255.255.255.255/32', | '255.255.255.255/32', | ||||
); | ); | ||||
$keyring_type = 'custom:PhabricatorKeyringConfigOptionType'; | |||||
$keyring_description = $this->deformat(pht(<<<EOTEXT | |||||
The keyring stores master encryption keys. For help with configuring a keyring | |||||
and encryption, see **[[ %s | Configuring Encryption ]]**. | |||||
EOTEXT | |||||
, | |||||
PhabricatorEnv::getDoclink('Configuring Encryption'))); | |||||
return array( | return array( | ||||
$this->newOption('security.alternate-file-domain', 'string', null) | $this->newOption('security.alternate-file-domain', 'string', null) | ||||
->setLocked(true) | ->setLocked(true) | ||||
->setSummary(pht('Alternate domain to serve files from.')) | ->setSummary(pht('Alternate domain to serve files from.')) | ||||
->setDescription( | ->setDescription( | ||||
pht( | pht( | ||||
'By default, Phabricator serves files from the same domain '. | 'By default, Phabricator serves files from the same domain '. | ||||
'the application is served from. This is convenient, but '. | 'the application is served from. This is convenient, but '. | ||||
▲ Show 20 Lines • Show All 217 Lines • ▼ Show 20 Lines | return array( | ||||
'over HTTPS, never HTTP. This defuses an attack where an '. | 'over HTTPS, never HTTP. This defuses an attack where an '. | ||||
'adversary gains access to your network, then proxies requests '. | 'adversary gains access to your network, then proxies requests '. | ||||
'through an unsecured link.'. | 'through an unsecured link.'. | ||||
"\n\n". | "\n\n". | ||||
'Do not enable this option if you serve (or plan to ever serve) '. | 'Do not enable this option if you serve (or plan to ever serve) '. | ||||
'unsecured content over plain HTTP. It is very difficult to '. | 'unsecured content over plain HTTP. It is very difficult to '. | ||||
'undo this change once users\' browsers have accepted the '. | 'undo this change once users\' browsers have accepted the '. | ||||
'setting.')), | 'setting.')), | ||||
$this->newOption('keyring', $keyring_type, array()) | |||||
->setHidden(true) | |||||
->setSummary(pht('Configure master encryption keys.')) | |||||
->setDescription($keyring_description), | |||||
); | ); | ||||
} | } | ||||
protected function didValidateOption( | protected function didValidateOption( | ||||
PhabricatorConfigOption $option, | PhabricatorConfigOption $option, | ||||
$value) { | $value) { | ||||
$key = $option->getKey(); | $key = $option->getKey(); | ||||
▲ Show 20 Lines • Show All 42 Lines • Show Last 20 Lines |