Extended documentation on trusted_domains to cover ports and wildcards.

author Johannes Ernst <jernst@indiecomputing.com>

Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)

committer Johannes Ernst <jernst@indiecomputing.com>

Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)
author Johannes Ernst <jernst@indiecomputing.com>
Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)
committer Johannes Ernst <jernst@indiecomputing.com>
Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)
diff --git a/config/config.sample.php b/config/config.sample.php

index 6285e096ba7992ac90066f56db5a2efdb66aca60..14bc4eac890f430c105187b8539fa0843f07977e 100644 (file)
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -58,6 +58,12 @@ $CONFIG = array(
   * Your list of trusted domains that users can log into. Specifying trusted
   * domains prevents host header poisoning. Do not remove this, as it performs
   * necessary security checks.
+ * You can specify:
+ * - the exact hostname of your host or virtual host, e.g. demo.example.org.
+ * - the exact hostname with permitted port, e.g. demo.example.org:443.
+ *   This disallows all other ports on this host
+ * - use * as a wildcard, e.g. ubos-raspberry-pi*.local will allow
+ *   ubos-raspberry-pi.local and ubos-raspberry-pi-2.local
   */
  'trusted_domains' =>
    array (
author	Johannes Ernst <jernst@indiecomputing.com>
	Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)
committer	Johannes Ernst <jernst@indiecomputing.com>
	Thu, 7 Jul 2016 16:23:20 +0000 (16:23 +0000)