Parent | Configuration | Required | Default | Type | Description |
---|---|---|---|---|---|
|
|
| String | Hostname of the server with the content server | |
|
|
| Integer | Port of the content server usually | |
|
|
|
| String | Protocol of the content server |
|
|
|
| String | Context Path of the server usually |
|
| tia Viewer maps repositories to instance | List<String> | Relevant in CSV configuration, seehttps://kgs-software.atlassian.net/wiki/spaces/WIKI/pages/3246620679/Supported+Scenarios+Vc#Content-Server-Viewer-(CSV). This parameter allows to map repositories to instances that can be configured separately. For more information see Instance settings . Example in YAML configuration file: tia: repositoryinstancemapping: FI: finance HR: finance TR: default ZI: production | |
|
| ❗ |
| String | This default is not intended for production use: Change this value |
|
|
|
| Boolean | Default setting when the request for print does not contain any information whether to include the notes or not. |
|
|
|
| Boolean | Default setting when the request for print does not contain any information whether to include the annotations or not. |
|
|
|
| String | Default stamps available to all instances, additional to the instance specific configured values. Stamp files are supported in the following formats: Configuration allows to enter a folder e.g.:
one or more files:
|
|
|
|
| Integer | Max size of cache entries, i.e. one stamp file is one entry. If more stamps are present, the oldest ones are removed from cache. |
|
|
|
| Integer | Lifetime of unused entries in stamp cache in minutes. |
|
|
|
| Integer | Max file size in bytes of each stamp file. |
|
|
|
| String (Enum) | How emails are displayed and edited. Available values:
|
|
| default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'self' blob:; object-src 'self'; media-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'; manifest-src 'self'; worker-src 'self'; | String | Content Security Policy. Secure against various attacks like XSS, Injection and more. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP | |
|
| http(s)://localhost:<port> | String | CORS Header: Access-Control-Allowed-Origin. The Browser Accepts resources from the allowed origin. In the default, it will be created from:
May be directly overwritten with
Allowed values are:
Example: spring.security.cors.allowed-origins: "*" | |
|
| List<String> | CORS Header: Access-Control-Allowed-Methods. The methods that are allowed by the browser to be used to access resources. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods Allowed values are:
Examples: spring.security.cors.allowed-methods: "*" spring.security.cors.allowed-methods: "GET, PUT, DELETE" | ||
|
| Access-Control-Allow-Headers, Access-Control-Allow-Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Cache-Control, Content-Type, Authorization | List<String> | CORS Header: Access-Control-Allowed-Headers. The Headers, that are allowed by the browser. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers Allowed values are:
Example: spring.security.cors.allowed-headers: "*" | |
|
|
| Boolean | CORS Header: Access-Control-Allow-Credentials. Tell the browser, whether it allowes cross-origin request credentials or not (credentials may be in cookies etc.) See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials Example: tia.security.cors.allowe-credentials: false | |
|
|
| String(Enum) | CORS Header: X-Frame-Options. Tells the browser if it accept the content of the viewer when its embedded in an IFrame. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options Hint: This flag is obsolete when using CSP frame-ancestor Allowed values are:
Example: spring.security.cors.allow-x-frame-options-from: "*" | |
|
|
| String (Enum) | Cross-Site Protection Header. Should not be set in Production. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection Allowed values are:
Example: spring.security.xss.mode: block-mode |
General
Content
Integrations