diff options
| author | Daan Sprenkels | 2018-11-13 00:14:25 +0100 |
|---|---|---|
| committer | Daan Sprenkels | 2018-11-17 13:23:03 +0100 |
| commit | 4bd8d7eb91524cc936bc607f8291804689de35ea (patch) | |
| tree | 8f3137af224c4af7507a2cfb200b2bd1298086f7 /README.md | |
| parent | 54d3d930cf39c2a3bec422d858cbac20ad8118eb (diff) | |
Disallow creation of robots.txt in freeurl
Add a configuration setting to "hard"-disable creation of notes as
set by the configuration value. This defaults to `['robots.txt',
'favicon.ico']`, because these files are often accidentally created
by bots and browsers.
This commit fixes #1052.
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -186,6 +186,7 @@ There are some config settings you need to change in the files below. | `CMD_ALLOW_ANONYMOUS` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `CMD_ALLOW_ANONYMOUS_EDITS` | `true` or `false` | if `allowAnonymous` is `true`, allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `CMD_ALLOW_FREEURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | +| `CMD_FORBIDDEN_NODE_IDS` | `'robots.txt'` | disallow creation of notes, even if `CMD_ALLOW_FREEURL` is `true` | | `CMD_DEFAULT_PERMISSION` | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | | `CMD_DB_URL` | `mysql://localhost:3306/database` | set the database URL | | `CMD_SESSION_SECRET` | no example | Secret used to sign the session cookie. If non is set, one will randomly generated on startup | @@ -284,6 +285,7 @@ There are some config settings you need to change in the files below. | `allowAnonymous` | `true` or `false` | set to allow anonymous usage (default is `true`) | | `allowAnonymousEdits` | `true` or `false` | if `allowAnonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) | | `allowFreeURL` | `true` or `false` | set to allow new note creation by accessing a nonexistent note URL | +| `forbiddenNoteIDs` | `['robots.txt']` | disallow creation of notes, even if `allowFreeUrl` is `true` | | `defaultPermission` | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | | `dbURL` | `mysql://localhost:3306/database` | set the db URL; if set, then db config (below) won't be applied | | `db` | `{ "dialect": "sqlite", "storage": "./db.codimd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | |