Changeset View
Changeset View
Standalone View
Standalone View
src/applications/config/option/PhabricatorSecurityConfigOptions.php
Show First 20 Lines • Show All 103 Lines • ▼ Show 20 Lines | return array( | ||||
->setHidden(true) | ->setHidden(true) | ||||
->setSummary( | ->setSummary( | ||||
pht('Key for HMAC digests.')) | pht('Key for HMAC digests.')) | ||||
->setDescription( | ->setDescription( | ||||
pht( | pht( | ||||
'Default key for HMAC digests where the key is not important '. | 'Default key for HMAC digests where the key is not important '. | ||||
'(i.e., the hash itself is secret). You can change this if you '. | '(i.e., the hash itself is secret). You can change this if you '. | ||||
'want (to any other string), but doing so will break existing '. | 'want (to any other string), but doing so will break existing '. | ||||
'sessions and CSRF tokens.')), | 'sessions and CSRF tokens. This option is deprecated. Newer '. | ||||
'code automatically manages HMAC keys.')), | |||||
$this->newOption('security.require-https', 'bool', false) | $this->newOption('security.require-https', 'bool', false) | ||||
->setLocked(true) | ->setLocked(true) | ||||
->setSummary( | ->setSummary( | ||||
pht('Force users to connect via HTTPS instead of HTTP.')) | pht('Force users to connect via HTTPS instead of HTTP.')) | ||||
->setDescription( | ->setDescription( | ||||
pht( | pht( | ||||
"If the web server responds to both HTTP and HTTPS requests but ". | "If the web server responds to both HTTP and HTTPS requests but ". | ||||
"you want users to connect with only HTTPS, you can set this ". | "you want users to connect with only HTTPS, you can set this ". | ||||
▲ Show 20 Lines • Show All 244 Lines • Show Last 20 Lines |