mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 15:14:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add config option which requires authentication in FreeURL mode

Browse source 
This mitigates unintended note creation by bots or humans through a
simple GET call.

See discussion in #754.

Signed-off-by: Nicolas Dietrich <nidi@mailbox.org>
This commit is contained in:
Nicolas Dietrich 2021-01-22 16:47:47 +01:00
parent 3331c0947c
commit 497569fee4
5 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
lib/config/hackmdEnvironment.js
View file

@ -24,6 +24,7 @@ module.exports = {
allowAnonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
allowAnonymousEdits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
allowFreeURL: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
requireFreeURLAuthentication: toBooleanConfig(process.env.HMD_REQUIRE_FREEURL_AUTH),
defaultPermission: process.env.HMD_DEFAULT_PERMISSION,
dbURL: process.env.HMD_DB_URL,
sessionSecret: process.env.HMD_SESSION_SECRET,