CookieIpCheck now has none/lax/strict options, with default being lax. #3861

Ylian Saint-Hilaire
2022-04-09 17:12:52 -07:00
parent 1947dccf9b
commit 8fce45ad76
3 changed files with 33 additions and 17 deletions


@@ -63,7 +63,7 @@
"certificatePrivateKeyPassword": { "type": "array", "default": null, "description": "List of passwords used to decrypt PKCK#8 .key files that are in the meshcentral-data folder." },
"sessionTime": { "type": "integer", "default": 60, "description": "Duration of a session cookie in minutes. Changing this affects how often the session needs to be automatically refreshed." },
"sessionKey": { "type": "string", "default": null, "description": "Password used to encrypt the MeshCentral web session cookies. If null, a random one is generated each time the server starts." },
"sessionSameSite": { "type": "string", "default": "strict", "enum": ["strict", "lax", "none"] },
"cookieSameSite": { "type": "string", "default": "lax", "enum": ["strict", "lax", "none"] },
"dbEncryptKey": { "type": "string" },
"dbRecordsEncryptKey": { "type": "string", "default": null },
"dbRecordsDecryptKey": { "type": "string", "default": null },
@@ -94,7 +94,7 @@
"allowLoginToken": { "type": "boolean", "default": false },
"StrictTransportSecurity": { "type": ["boolean", "string"], "default": null, "description": "Controls the Strict-Transport-Security header, default is 1 year. Set to false to remove, true to force enable, or string to set a custom value. If set to null, MeshCentral will enable if a trusted certificate is set." },
"allowFraming": { "type": "boolean", "default": false, "description": "When enabled, the MeshCentral web site can be embedded within another website's iframe." },
"cookieIpCheck": { "type": "boolean" },
"cookieIpCheck": { "type": [ "string", "boolean" ], "default": "lax", "enum": ["strict", "lax", "none"] },
"cookieEncoding": { "type": "string", "enum": [ "hex", "base64" ], "default": "base64", "description": "Encoding format of cookies in the HTTP headers, this is typically Base64 but some reverse proxies will require HEX." },
"webRTC": { "type": "boolean", "default": false, "description": "When enabled, allows use of WebRTC to allow direct network traffic between the agent and browser." },
"nice404": { "type": "boolean", "default": true, "description": "By default, a nice looking 404 error page is displayed when needed. Set this to false to disable it." },
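Review bot: The new `cookieIpCheck` entry allows `boolean` in `type`, but its `enum` holds only the strings `strict`, `lax` and `none`, so a config that still sets `"cookieIpCheck": true` or `false` fails validation against this schema. If booleans are meant to stay accepted for backward compatibility, the enum should list them too, e.g. `"enum": ["strict", "lax", "none", true, false]`; otherwise drop `boolean` from `type`. The entry also has no `description`, unlike its neighbours `allowFraming` and `cookieEncoding`. This setting presumably governs how strictly a cookie is tied to the client address, so a description should say what each of the three modes checks, which mode the old `true` and `false` values map to, and that the default is now `lax`. Without it, an operator cannot tell from the schema whether an existing deployment kept its previous level of checking.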