projects / mir.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
values for web bugs squasher
[mir.git] / source / default.properties
diff --git a/source/default.properties b/source/default.properties
index 208d2e7..be6f795 100755 (executable)
--- a/source/default.properties
+++ b/source/default.properties
@@ -2,7 +2,7 @@
 # GENERAL SETUP
 #
 # This is a full list of defaults options. To configure your site
-# do NOT change this file. You can override all of these values in 
+# do NOT change this file. You can override all of these values in
 # your etc/config.properties
 #
 
@@ -17,7 +17,6 @@ Mir.Public-email.address=mir-coders@lists.indymedia.org
 Mir.Public-email.name=mir-coders mailinglist
 
 Mir.Version=1.1.0rc0
-DirectOpenposting=yes
 
 # The name of the abuse config file (relative to the WEB-INF dir)
 Abuse.Config=abuse.properties
@@ -82,11 +81,14 @@ Mir.Localizer.Producer.GeneratorLibrary= default=freemarker(etc/producer/)
 Mir.Localizer.Admin.GeneratorLibrary= default=freemarker(templates/admin/),preview=freemarker(etc/producer)
 Mir.Localizer.OpenPosting.GeneratorLibrary= default=freemarker(etc/open/)
 
+# Should an XSS preventing interceptor be used by the producer subsystem?
+Mir.Producer.UseInterceptor=1
+
 # How should the custom operations (hide etc) in article and comment lists
 # be presented?
 # 0 = links, 1 = checkboxes, 2 = a listbox
 Mir.Localizer.Admin.ListOperationsFlavor=2
-                            
+
 # Article previews, a comma seperated list of name = generator
 Mir.Localizer.Admin.ArticlePreview = \
   default = preview::article.template
@@ -214,6 +216,15 @@ Producer.RealMedia.Host=rtsp://some.media.server/somedir/
 # absolute directory, where the images are saved
 Producer.Image.Path=/pub/Dokumente/Indymedia/de-tech/Mir/produced/images/
 
+# absolute directory where image originals are saved if image resizing is enabled
+# this can be ignored if image scaling is not being used
+#
+Producer.ImagesOriginalDir.Path=/pub/Dokumente/Indymedia/de-tech/Mir/produced/images/raw
+
+# relative path from the site root where the templates can find raw (unresized) images:
+# this can be ignored if image scaling is not being used
+Producer.ImagesOriginalDir.RelPath=/images/raw
+
 # images will be scaled down so that the size (both widht and height) are below:
 Producer.Image.MaxSize = 640
 
@@ -288,8 +299,10 @@ PDF.Title.FontSize=24
 PDF.Title.LineHeight=28
 PDF.Title.FontFamily=courier
 
-# footer is about two lines of small text which will appear at the bottom of every page
+# Source will be expanded to come to a URL to the article
+PDF.Source=${config["Producer.PublicationHost"]}${config['Mir.Login.DefaultLanguage']}/${article.date.formatted['yyyy/MM']}/${article.id}.shtml
 
+# footer is about two lines of small text which will appear at the bottom of every page
 PDF.Footer.String=Indymedia does blah.  Content is good, and free to use for non-commercial purposes under the Open Content license. if you have questions, email someone.
 PDF.Footer.Height=54
 PDF.Footer.FontSize=12
@@ -394,7 +407,7 @@ Mir.DefaultDateTimeFormat = yyyy-MM-dd HH:mm
 Localizer.OpenSession.PersistentUploadedFiles = 0
 
 # Should support for ftp-like uploads (uploads done
-# outside of mir, but included into postings) be 
+# outside of mir, but included into postings) be
 # supported at all?
 Localizer.OpenSession.AllowFTPUploads = 0
 
@@ -432,6 +445,15 @@ Localizer.OpenSession.email.DoneTemplate =/sent_mail.template
 
 Localizer.HTML.Whitelist=a;img;h1;h2;h3;h4;h5;h6;br;form;input;hr;strong;font;b;i;em;p;table;tr;td;th;ul;ol;li
 
+Localizer.HTML.BadAttributeValuePrefixes=javascript;vbscript;about;wysiwyg;data;view-source;ms-its;mhtml;shell;lynxexec;lynxcgi;hcp;ms-help;help;disk;vnd.ms.radio;opera;res;resource;chrome;mocha;livescript
+
+Localizer.HTML.BadAttributes=onabort;onblur;onchange;onclick;ondblclick;onerror;onfocus;onkeydown;onKeypress;onkeyup;onload;onmousedown;onmousemove;onmouseout;onmouseover;onmouseup;onreset;onselect;onsubmit;onunload;onload;onclick;onfocus;onblur;FSCommand;onAbort;onActivate;onAfterPrint;onAfterUpdate;onBeforeActivate;onBeforeCopy;onBeforeCut;onBeforeDeactivate;onBeforeEditFocus;onBeforePaste;onBeforePrint;onBeforeUnload;onBegin;onBlur;onBounce;onCellChange;onChange;onClick;onContextMenu;onControlSelect;onCopy;onCut;onDataAvailible;onDataSetChanged;onDataSetComplete;onDblClick;onDeactivate;onDrag;onDragEnd;onDragLeave;onDragEnter;onDragOver;onDragDrop;onDrop;onEnd;onError;onErrorUpdate;onExit;onFilterChange;onFinish;onFocus;onFocusIn;onFocusOut;onHelp;onKeyDown;onKeyPress;onKeyUp;onLayoutComplete;onLoad;onLoseCapture;onMediaComplete;onMediaError;onMouseDown;onMouseEnter;onMouseLeave;onMouseMove;onMouseOut;onMouseOver;onMouseUp;onMouseWheel;onMove;onMoveEnd;onMoveStart;onOutOfSync;onPaste;onPause;onProgress;onPropertyChange;onReadyStateChange;onRepeat;onReset;onResize;onResizeEnd;onResizeStart;onResume;onReverse;onRowEnter;onRowExit;onRowDelete;onRowInserted;onScroll;onSeek;onSelect;onSelectionChange;onSelectStart;onStart;onStop;onSynchRestored;onSubmit;onTimeError;onTrackChange;onUnload;onURLFlip;seekSegmentTime;style;height;width
+
+# don't let external content get loaded
+Localizer.HTML.KillWebBugs=0
+Localizer.HTML.ExternalLocationAttributeValuePrefixes=http://;https://;ftp://;gopher://
+Localizer.HTML.WhitelistedExternalLocationAttributeValuePrefixes=http://media.de.indymedia.org/;https://media.de.indymedia.org/
+
 
 #
 # config used for OpenIndy
The Mir CMS