diff options
| author | Liam Mitchell <[email protected]> | 2026-03-04 17:52:54 -0800 |
|---|---|---|
| committer | Liam Mitchell <[email protected]> | 2026-03-04 17:52:54 -0800 |
| commit | 1cd70d1e875c2331d8a3c57aa8b0fd7267a63973 (patch) | |
| tree | a8a70a2e2dc775f76578d19b4cdc04f1a8824265 /src/zenserver/storage/storageconfig.cpp | |
| parent | Restore debug logging in zenserver tests (diff) | |
| download | zen-1cd70d1e875c2331d8a3c57aa8b0fd7267a63973.tar.xz zen-1cd70d1e875c2331d8a3c57aa8b0fd7267a63973.zip | |
Allow requests with invalid content-types unless specified in command line or config
Diffstat (limited to 'src/zenserver/storage/storageconfig.cpp')
| -rw-r--r-- | src/zenserver/storage/storageconfig.cpp | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/zenserver/storage/storageconfig.cpp b/src/zenserver/storage/storageconfig.cpp index 0f8ab1e98..99d0f89d7 100644 --- a/src/zenserver/storage/storageconfig.cpp +++ b/src/zenserver/storage/storageconfig.cpp @@ -496,6 +496,7 @@ ZenStorageServerConfigurator::AddConfigOptions(LuaConfig::Options& LuaOptions) LuaOptions.AddOption("security.encryptionaeskey"sv, ServerOptions.EncryptionKey, "encryption-aes-key"sv); LuaOptions.AddOption("security.encryptionaesiv"sv, ServerOptions.EncryptionIV, "encryption-aes-iv"sv); LuaOptions.AddOption("security.openidproviders"sv, ServerOptions.AuthConfig); + LuaOptions.AddOption("security.restrictcontenttypes"sv, ServerOptions.RestrictContentTypes, "restrict-content-types"sv); ////// workspaces LuaOptions.AddOption("workspaces.enabled"sv, ServerOptions.WorksSpacesConfig.Enabled, "workspaces-enabled"sv); @@ -649,6 +650,12 @@ ZenStorageServerCmdLineOptions::AddSecurityOptions(cxxopts::Options& options, Ze options.add_option("security", "", "openid-provider-url", "Open ID provider URL", cxxopts::value<std::string>(OpenIdProviderUrl), ""); options.add_option("security", "", "openid-client-id", "Open ID client ID", cxxopts::value<std::string>(OpenIdClientId), ""); + options.add_option("security", + "", + "restrict-content-types", + "Restrict content-type in requests to content-types that are not allowed in CORS simple requests", + cxxopts::value<bool>(ServerOptions.RestrictContentTypes), + ""); } void |