diff options
| author | Kyle D <kdumontnu@gmail.com> | 2023-12-15 21:54:35 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-15 21:54:35 -0500 |
| commit | b8490d59deeb25aa6f03e77863c0c7ed7abdbb98 (patch) | |
| tree | bbabbb2604f9f86249322b64862f005a6b170394 /docs/content/administration/config-cheat-sheet.en-us.md | |
| parent | 047c69bd85bc5579ce6f352d7edf7fb950d84b80 (diff) | |
| download | gitea-b8490d59deeb25aa6f03e77863c0c7ed7abdbb98.tar.gz gitea-b8490d59deeb25aa6f03e77863c0c7ed7abdbb98.zip | |
Update docs for DISABLE_QUERY_AUTH_TOKEN (#28485)
As described
[here](https://github.com/go-gitea/gitea/pull/28390#issuecomment-1857553331).
Diffstat (limited to 'docs/content/administration/config-cheat-sheet.en-us.md')
| -rw-r--r-- | docs/content/administration/config-cheat-sheet.en-us.md | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/content/administration/config-cheat-sheet.en-us.md b/docs/content/administration/config-cheat-sheet.en-us.md index c9e6a937c3..1fa8dacb67 100644 --- a/docs/content/administration/config-cheat-sheet.en-us.md +++ b/docs/content/administration/config-cheat-sheet.en-us.md @@ -572,6 +572,7 @@ And the following unique queues: - off - do not check password complexity - `PASSWORD_CHECK_PWN`: **false**: Check [HaveIBeenPwned](https://haveibeenpwned.com/Passwords) to see if a password has been exposed. - `SUCCESSFUL_TOKENS_CACHE_SIZE`: **20**: Cache successful token hashes. API tokens are stored in the DB as pbkdf2 hashes however, this means that there is a potentially significant hashing load when there are multiple API operations. This cache will store the successfully hashed tokens in a LRU cache as a balance between performance and security. +- `DISABLE_QUERY_AUTH_TOKEN`: **false**: Reject API tokens sent in URL query string (Accept Header-based API tokens only). This setting will default to `true` in Gitea 1.23 and be deprecated in Gitea 1.24. ## Camo (`camo`) |