default.services.yml 9.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239
  1. parameters:
  2. # Toggles the super user access policy. If your website has at least one user
  3. # with the Administrator role, it is advised to set this to false. This allows
  4. # you to make user 1 a regular user, strengthening the security of your site.
  5. security.enable_super_user: true
  6. session.storage.options:
  7. # Default ini options for sessions.
  8. #
  9. # Some distributions of Linux (most notably Debian) ship their PHP
  10. # installations with garbage collection (gc) disabled. Since Drupal depends
  11. # on PHP's garbage collection for clearing sessions, ensure that garbage
  12. # collection occurs by using the most common settings.
  13. # @default 1
  14. gc_probability: 1
  15. # @default 100
  16. gc_divisor: 100
  17. #
  18. # Set session lifetime (in seconds), i.e. the grace period for session
  19. # data. Sessions are deleted by the session garbage collector after one
  20. # session lifetime has elapsed since the user's last visit. When a session
  21. # is deleted, authenticated users are logged out, and the contents of the
  22. # user's session is discarded.
  23. # @default 200000
  24. gc_maxlifetime: 200000
  25. #
  26. # Set session cookie lifetime (in seconds), i.e. the time from the session
  27. # is created to the cookie expires, i.e. when the browser is expected to
  28. # discard the cookie. The value 0 means "until the browser is closed".
  29. # @default 2000000
  30. cookie_lifetime: 2000000
  31. #
  32. # Drupal automatically generates a unique session cookie name based on the
  33. # full domain name used to access the site. This mechanism is sufficient
  34. # for most use-cases, including multi-site deployments. However, if it is
  35. # desired that a session can be reused across different subdomains, the
  36. # cookie domain needs to be set to the shared base domain. Doing so assures
  37. # that users remain logged in as they cross between various subdomains.
  38. # To maximize compatibility and normalize the behavior across user agents,
  39. # the cookie domain should start with a dot.
  40. #
  41. # @default none
  42. # cookie_domain: '.example.com'
  43. #
  44. # Set the SameSite cookie attribute: 'None', 'Lax', or 'Strict'. If set,
  45. # this value will override the server value. See
  46. # https://www.php.net/manual/en/session.security.ini.php for more
  47. # information.
  48. # @default no value
  49. cookie_samesite: Lax
  50. #
  51. # Set the session ID string length. The length can be between 22 to 256. The
  52. # PHP recommended value is 48. See
  53. # https://www.php.net/manual/session.security.ini.php for more information.
  54. # This value should be kept in sync with
  55. # \Drupal\Core\Session\SessionConfiguration::__construct()
  56. # @default 48
  57. sid_length: 48
  58. #
  59. # Set the number of bits in encoded session ID character. The possible
  60. # values are '4' (0-9, a-f), '5' (0-9, a-v), and '6' (0-9, a-z, A-Z, "-",
  61. # ","). The PHP recommended value is 6. See
  62. # https://www.php.net/manual/session.security.ini.php for more information.
  63. # This value should be kept in sync with
  64. # \Drupal\Core\Session\SessionConfiguration::__construct()
  65. # @default 6
  66. sid_bits_per_character: 6
  67. # By default, Drupal generates a session cookie name based on the full
  68. # domain name. Set the name_suffix to a short random string to ensure this
  69. # session cookie name is unique on different installations on the same
  70. # domain and path (for example, when migrating from Drupal 7).
  71. name_suffix: ''
  72. twig.config:
  73. # Twig debugging:
  74. #
  75. # When debugging is enabled:
  76. # - The markup of each Twig template is surrounded by HTML comments that
  77. # contain theming information, such as template file name suggestions.
  78. # - Note that this debugging markup will cause automated tests that directly
  79. # check rendered HTML to fail. When running automated tests, 'debug'
  80. # should be set to FALSE.
  81. # - The dump() function can be used in Twig templates to output information
  82. # about template variables.
  83. # - Twig templates are automatically recompiled whenever the source code
  84. # changes (see auto_reload below).
  85. #
  86. # For more information about debugging Twig templates, see
  87. # https://www.drupal.org/node/1906392.
  88. #
  89. # Enabling Twig debugging is not recommended in production environments.
  90. # @default false
  91. debug: false
  92. # Twig auto-reload:
  93. #
  94. # Automatically recompile Twig templates whenever the source code changes.
  95. # If you don't provide a value for auto_reload, it will be determined
  96. # based on the value of debug.
  97. #
  98. # Enabling auto-reload is not recommended in production environments.
  99. # @default null
  100. auto_reload: null
  101. # Twig cache:
  102. #
  103. # By default, Twig templates will be compiled and stored in the filesystem
  104. # to increase performance. Disabling the Twig cache will recompile the
  105. # templates from source each time they are used. In most cases the
  106. # auto_reload setting above should be enabled rather than disabling the
  107. # Twig cache.
  108. #
  109. # Disabling the Twig cache is not recommended in production environments.
  110. # @default true
  111. cache: true
  112. # File extensions:
  113. #
  114. # List of file extensions the Twig system is allowed to load via the
  115. # twig.loader.filesystem service. Files with other extensions will not be
  116. # loaded unless they are added here. For example, to allow a file named
  117. # 'example.partial' to be loaded, add 'partial' to this list. To load files
  118. # with no extension, add an empty string '' to the list.
  119. #
  120. # @default ['css', 'html', 'js', 'svg', 'twig']
  121. allowed_file_extensions:
  122. - css
  123. - html
  124. - js
  125. - svg
  126. - twig
  127. renderer.config:
  128. # Renderer required cache contexts:
  129. #
  130. # The Renderer will automatically associate these cache contexts with every
  131. # render array, hence varying every render array by these cache contexts.
  132. #
  133. # @default ['languages:language_interface', 'theme', 'user.permissions']
  134. required_cache_contexts: ['languages:language_interface', 'theme', 'user.permissions']
  135. # Renderer automatic placeholdering conditions:
  136. #
  137. # Drupal allows portions of the page to be automatically deferred when
  138. # rendering to improve cache performance. That is especially helpful for
  139. # cache contexts that vary widely, such as the active user. On some sites
  140. # those may be different, however, such as sites with only a handful of
  141. # users. If you know what the high-cardinality cache contexts are for your
  142. # site, specify those here. If you're not sure, the defaults are fairly safe
  143. # in general.
  144. #
  145. # For more information about rendering optimizations see
  146. # https://www.drupal.org/developing/api/8/render/arrays/cacheability#optimizing
  147. auto_placeholder_conditions:
  148. # Max-age at or below which caching is not considered worthwhile.
  149. #
  150. # Disable by setting to -1.
  151. #
  152. # @default 0
  153. max-age: 0
  154. # Cache contexts with a high cardinality.
  155. #
  156. # Disable by setting to [].
  157. #
  158. # @default ['session', 'user']
  159. contexts: ['session', 'user']
  160. # Tags with a high invalidation frequency.
  161. #
  162. # Disable by setting to [].
  163. #
  164. # @default []
  165. tags: []
  166. # Renderer cache debug:
  167. #
  168. # Allows cache debugging output for each rendered element.
  169. #
  170. # Enabling render cache debugging is not recommended in production
  171. # environments.
  172. # @default false
  173. debug: false
  174. # Cacheability debugging:
  175. #
  176. # Responses with cacheability metadata (CacheableResponseInterface instances)
  177. # get X-Drupal-Cache-Tags, X-Drupal-Cache-Contexts and X-Drupal-Cache-Max-Age
  178. # headers.
  179. #
  180. # For more information about debugging cacheable responses, see
  181. # https://www.drupal.org/developing/api/8/response/cacheable-response-interface
  182. #
  183. # Enabling cacheability debugging is not recommended in production
  184. # environments.
  185. # @default false
  186. http.response.debug_cacheability_headers: false
  187. factory.keyvalue: {}
  188. # Default key/value storage service to use.
  189. # @default keyvalue.database
  190. # default: keyvalue.database
  191. # Collection-specific overrides.
  192. # state: keyvalue.database
  193. factory.keyvalue.expirable: {}
  194. # Default key/value expirable storage service to use.
  195. # @default keyvalue.database.expirable
  196. # default: keyvalue.database.expirable
  197. # Allowed protocols for URL generation.
  198. filter_protocols:
  199. - http
  200. - https
  201. - ftp
  202. - news
  203. - nntp
  204. - tel
  205. - telnet
  206. - mailto
  207. - irc
  208. - ssh
  209. - sftp
  210. - webcal
  211. - rtsp
  212. # Configure Cross-Site HTTP requests (CORS).
  213. # Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
  214. # for more information about the topic in general.
  215. # Note: By default the configuration is disabled.
  216. cors.config:
  217. enabled: false
  218. # Specify allowed headers, like 'x-allowed-header'.
  219. allowedHeaders: []
  220. # Specify allowed request methods, specify ['*'] to allow all possible ones.
  221. allowedMethods: []
  222. # Configure requests allowed from specific origins. Do not include trailing
  223. # slashes with URLs.
  224. allowedOrigins: ['*']
  225. # Configure requests allowed from origins, matching against regex patterns.
  226. allowedOriginsPatterns: []
  227. # Sets the Access-Control-Expose-Headers header.
  228. exposedHeaders: false
  229. # Sets the Access-Control-Max-Age header.
  230. maxAge: false
  231. # Sets the Access-Control-Allow-Credentials header.
  232. supportsCredentials: false
  233. queue.config:
  234. # The maximum number of seconds to wait if a queue is temporarily suspended.
  235. # This is not applicable when a queue is suspended but does not specify
  236. # how long to wait before attempting to resume.
  237. suspendMaximumWait: 30