Deployment Manual / Version 2301
Table Of Contentscaas.graphql.max-execution-timeout
| |
| Type | java.time.Duration |
| Default | 0 |
| Description | Limits the allowed execution time for a query, set in milliseconds. 0 = no timeout. |
caas.graphql.max-query-complexity
| |
| Type | java.lang.Integer |
| Default | 0 |
| Description | Limits the complexity of a graphql query if set to a value greater than 0. 0 = off. |
caas.graphql.max-query-depth
| |
| Type | java.lang.Integer |
| Default | 30 |
| Description | Limits the depth of a graphql query if set to a value greater than 0. 0 = off. |
caas.graphql.repository-path-exclude-patterns
| |
| Type | java.util.List<java.lang.String> |
| Default | [/Settings/Options/Settings/Internal/**, /Sites/**/Options/Settings/Internal/**, /Settings/Options/Settings/Feedback Hub, /Sites/**/Options/Settings/Feedback Hub, /Settings/Options/Settings/Content Hub, /Sites/**/Options/Settings/Content Hub, /Settings/Options/Settings/GlobalLink, /Settings/Options/Settings/Translation Services, /Sites/**/Options/Settings/Translation Services, /Settings/Options/Settings/Elastic Social Credentials] |
| Description | Repository paths excluded from retrieval via GraphQL endpoint. The paths may contain glob style expressions. Note, that the document name must be part of the path, if you do not use glob style expressions and want to protect a distinct document. Examples: caas.graphql.repository-path-exclude-patterns[0]=/A/B/C/D caas.graphql.repository-path-exclude-patterns[1]=/A/*/C/* caas.graphql.repository-path-exclude-patterns[2]=/A/B/** caas.graphql.repository-path-exclude-patterns[3]=/A/**/C/* |
caas.search.cache.querylist-search-cache-for-seconds
| |
| Type | java.lang.Integer |
| Default | -1 |
| Description | Time to cache query list search results in seconds. Set it to "-1" to deactivate the query list cache. |
caas.search.cache.seconds
| |
| Type | java.lang.Integer |
| Default | -1 |
| Description | Time to cache search query results in seconds. Set it to "-1" to deactivate the search-query cache. |
caas.search.enabled
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | Enable graphql search extensions. |
caas.search.load-search-schema
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | Load the GraphQL search schema extensions. |
caas.search.max-search-limit
| |
| Type | java.lang.Integer |
| Default | 200 |
| Description | Limit the count of search results hits. Defaults to 200. |
caas.search.solr.collection
| |
| Type | java.lang.String |
| Default | preview |
| Description | Solr collection to use for CaaS search. |
caas.stax.context-trace-enabled
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | When 'true', wraps ContextHandlers and OutputHandlers while parsing in order to tracelog all parsing events. This is for debugging purposes only. Defaults to false. Additionally this requires the loglevel for 'com.coremedia.caas.richtext.stax.handler.output' to be set to trace level: logging.level.com.coremedia.caas.richtext.stax.handler.output = trace |
caas.stax.max-aliases-for-collections
| |
| Type | java.lang.Integer |
| Default | 50 |
| Description | Configures the maximum number of allowed yaml aliases used by snakeyaml instances while parsing rich text configurations. Defaults to 50. |
caas.stax.suppress-root-tag
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | When 'false', the root tag in the string result of a rich text transformation is not suppressed. Defaults to true. |
caas.bypass-filter-predicates
| |
| Type | null |
| Default | false |
| Description | If enabled, FilterPredicates my be ignored via request header 'X-Ignore-Filters'. If disabled, the header is ignored. |
caas.cache-specs
| |
| Type | java.util.Map<java.lang.String,java.lang.String> |
| Default | |
| Description | (Caffeine Cache) configuration: Cache specs by cache name. Size based eviction:
Time based eviction:
Durations are represented by an integer, followed by one of "d", "h", "m", or "s", representing days, hours, minutes, or seconds respectively. |
caas.cors.allow-credentials-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.lang.Boolean> |
| Default | |
| Description | Map of whether user credentials are supported, based on URL patterns. Example: caas.cors.allow-credentials-for-url-pattern[/**]=true See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.cors.allowed-headers-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
| Default | [/**]=* |
| Description | Map of headers that a pre-flight request can list as allowed for use during an actual request, based on URL patterns. A header name is not required to be listed if it is one of: Cache-Control, Content-Language, Expires, Last-Modified or Pragma. Example: caas.cors.allowed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.cors.allowed-methods-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
| Default | |
| Description | Map of HTTP methods to allow, based on URL patterns. Example: caas.cors.allowed-methods-for-url-pattern[/**]=GET,POST,PUT See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.cors.allowed-origins-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
| Default | |
| Description | Map of origins to allow, based on URL patterns. Example: caas.cors.allowed-origins-for-url-pattern[/**]=https://domain1.com,https://domain2.com See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.cors.disable-protection
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Disable CORS configuration completely. Disabling CORS results effectively in an 'allow all CORS policy'. |
caas.cors.exposed-headers-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
| Default | |
| Description | Map of response headers other than simple headers (i.e. Cache-Control, Content-Language, Content-Type, Expires, Last-Modified or Pragma) that an actual response might have and can be exposed, based on URL patterns. Example: caas.cors.exposed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.cors.fallback.allow-credentials
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | Allow credentials flag to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowCredentials(Boolean) |
caas.cors.fallback.allowed-methods
| |
| Type | java.util.List<java.lang.String> |
| Default | GET,POST,OPTIONS |
| Description | The fallback allowed methods to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowedMethods(List) |
caas.cors.fallback.allowed-origin
| |
| Type | java.lang.String |
| Default | |
| Description | A fallback allowed origin to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. This may be used to easily configure a minimal CORS config consisting of the FQDN, which is usually set via environment variables. @see org.springframework.web.cors.CorsConfiguration#setAllowedOrigins(List) |
caas.cors.max-age-for-url-pattern
| |
| Type | java.util.Map<java.lang.String,java.time.Duration> |
| Default | |
| Description | Map of how long, as a duration, the response from a pre-flight request can be cached by clients, based on URL patterns. Example: caas.cors.max-age-for-url-pattern[/**]=3m See {@link org.springframework.web.util.pattern.PathPattern} for the syntax of allowed path patterns. |
caas.expose-extensions
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Set to true to expose extensions as described by the GraphQL spec. |
caas.forward-cookies
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Enables http cookie forwarding of incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by '/preview') and cae remote link resolving. |
caas.forward-header-names
| |
| Type | java.util.List<java.lang.String> |
| Default | |
| Description | Comaseparated enumeration of http headernames to be forwarded for incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by /preview) and cae remote link resolving. |
caas.graphql-restmapping-controller.enabled
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | En-/disable REST mapping controller. Enabled by default (true). |
caas.log-requests
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Enables logging for HTTP requests (excluding OPTIONS) |
caas.media-cache-time
| |
| Type | java.time.Duration |
| Default | 365d |
| Description | Maximum cache time to set in the com.coremedia.caas.web.controller.MediaController responses via the Cache-Control max-age header. |
caas.media-no-transform
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | Flag to set no-transform value for Cache-Control header in the Media Controller responses |
caas.preview
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Enables preview mode |
caas.rest.jslt-enabled
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | En/disables the JSLT transformation processor on REST endpoints |
caas.rest.jslt-transformations-pattern
| |
| Type | java.lang.String |
| Default | classpath*:transformations/*.jslt |
| Description | Returns the path pattern where to find the jslt transformation resources within headless. |
caas.rest.num-threads
| |
| Type | java.lang.Integer |
| Default | 5 |
| Description | Number of threads for the thread pool of the request executor |
caas.rest.query-mapping-pattern
| |
| Type | java.lang.String |
| Default | classpath*:graphql/rest-mapping/*.properties |
| Description | Returns the path pattern where to find rest mapping resources within headless. |
caas.site-filter-config-properties.excluded-field-names
| |
| Type | java.util.Collection<java.lang.String> |
| Default | [localizedVariant, localizedVariants, derivedSites] |
| Description | Fields to be excluded from site restrictions check. To disable all fields (thus prohibiting all objects not belonging to the filtered site), add the config property without any field names (=empty list). Adding additional fields requires to add the defaults as mentioned above to the config property! Defaults to "localizedVariant", "localizedVariants" and "derivedSites". |
caas.strict-transport-security-header.include-subdomains
| |
| Type | java.lang.Boolean |
| Default | true |
| Description | If true, adds the 'includeSubdomains' flag to the Strict-Transport-Security HTTP response header. |
caas.strict-transport-security-header.max-age
| |
| Type | java.lang.Integer |
| Default | 63072000 |
| Description | Max-Age of the Strict-Transport-Security HTTP response header in seconds, e.g. max-age=63072000. |
caas.strict-transport-security-header.preload
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | If true, adds the 'preload' flag to the Strict-Transport-Security HTTP response header. |
caas.swagger.enabled
| |
| Type | java.lang.Boolean |
| Default | false |
| Description | Enables Swagger. |
Table 3.14. Headless Server Properties
