mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2025-05-16 16:14:43 -04:00
config: Add a flag to control the /metrics and /status endpoints
It can be a security concern in some environments to expose system capabilities even though they don't expose any PII. Add some flags (defaulted `true` to maintain existing behaviour) to control whether the /metrics and /status (and anything in the StatusRouter) are exposed. Signed-off-by: Stéphane Maniaci <stephane.maniaci@beta.gouv.fr>
This commit is contained in:
Stéphane Maniaci
Philip Molares
parent
e5a8a3b041
commit
d10ead4c6c
5 changed files with 48 additions and 21 deletions
|
|
@ -29,6 +29,10 @@ module.exports = {
|
|||
allowFraming: true,
|
||||
allowPDFEmbed: true
|
||||
},
|
||||
observability: {
|
||||
exposeMetrics: true,
|
||||
exposeStatus: true
|
||||
},
|
||||
cookiePolicy: 'lax',
|
||||
protocolUseSSL: false,
|
||||
allowAnonymous: true,
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue