Deployment Manual / Version 2307
Table Of Contentscaas.graphql.introspection-enabled
| |
Type | java.lang.Boolean |
Default | false |
Description | Enable graphql schema introspection. Disabled by default, enabled for preview mode. |
caas.graphql.max-execution-timeout
| |
Type | java.time.Duration |
Default | 0 |
Description | Limits the allowed execution time for a query, set in milliseconds. 0 = no timeout. |
caas.graphql.max-query-complexity
| |
Type | java.lang.Integer |
Default | 0 |
Description | Limits the complexity of a graphql query if set to a value greater than 0. 0 = off. |
caas.graphql.max-query-depth
| |
Type | java.lang.Integer |
Default | 30 |
Description | Limits the depth of a graphql query if set to a value greater than 0. 0 = off. |
caas.graphql.repository-path-exclude-patterns
| |
Type | java.util.List<java.lang.String> |
Default | [/Settings/Options/Settings/Internal/**, /Sites/**/Options/Settings/Internal/**, /Settings/Options/Settings/Feedback Hub, /Sites/**/Options/Settings/Feedback Hub, /Settings/Options/Settings/Content Hub, /Sites/**/Options/Settings/Content Hub, /Settings/Options/Settings/GlobalLink, /Settings/Options/Settings/Translation Services, /Sites/**/Options/Settings/Translation Services, /Settings/Options/Settings/Elastic Social Credentials] |
Description | Repository paths excluded from retrieval via GraphQL endpoint. The paths may contain glob style expressions. Note, that the document name must be part of the path, if you do not use glob style expressions and want to protect a distinct document. Examples: caas.graphql.repository-path-exclude-patterns[0]=/A/B/C/D caas.graphql.repository-path-exclude-patterns[1]=/A/*/C/* caas.graphql.repository-path-exclude-patterns[2]=/A/B/** caas.graphql.repository-path-exclude-patterns[3]=/A/**/C/* |
caas.media.hash-property-names
| |
Type | java.util.List<java.lang.String> |
Default | [width, height, widthRatio, heightRatio] |
Description | List of global or site specific transformation option names defined in image transformation settings whose values are to be considered to compute image hashes. |
caas.search.cache.querylist-search-cache-for-seconds
| |
Type | java.lang.Integer |
Default | -1 |
Description | Time to cache query list search results in seconds. Set it to "-1" to deactivate the query list cache. |
caas.search.cache.seconds
| |
Type | java.lang.Integer |
Default | -1 |
Description | Time to cache search query results in seconds. Set it to "-1" to deactivate the search-query cache. |
caas.search.enabled
| |
Type | java.lang.Boolean |
Default | true |
Description | Enable graphql search extensions. |
caas.search.load-search-schema
| |
Type | java.lang.Boolean |
Default | true |
Description | Load the GraphQL search schema extensions. |
caas.search.max-search-limit
| |
Type | java.lang.Integer |
Default | 200 |
Description | Limit the count of search results hits. Defaults to 200. |
caas.search.solr.collection
| |
Type | java.lang.String |
Default | preview |
Description | Solr collection to use for CaaS search. |
caas.stax.context-trace-enabled
| |
Type | java.lang.Boolean |
Default | false |
Description | When 'true', wraps ContextHandlers and OutputHandlers while parsing in order to tracelog all parsing events. This is for debugging purposes only. Defaults to false. Additionally this requires the loglevel for 'com.coremedia.caas.richtext.stax.handler.output' to be set to trace level: logging.level.com.coremedia.caas.richtext.stax.handler.output = trace |
caas.stax.max-aliases-for-collections
| |
Type | java.lang.Integer |
Default | 50 |
Description | Configures the maximum number of allowed yaml aliases used by snakeyaml instances while parsing rich text configurations. Defaults to 50. |
caas.stax.suppress-root-tag
| |
Type | java.lang.Boolean |
Default | true |
Description | When 'false', the root tag in the string result of a rich text transformation is not suppressed. Defaults to true. |
caas.bypass-filter-predicates
| |
Type | null |
Default | false |
Description | If enabled, FilterPredicates my be ignored via request header 'X-Ignore-Filters'. If disabled, the header is ignored. |
caas.cache-specs
| |
Type | java.util.Map<java.lang.String,java.lang.String> |
Default | |
Description | (Caffeine Cache) configuration: Cache specs by cache name. Size based eviction:
Time based eviction:
Durations are represented by an integer, followed by one of "d", "h", "m", or "s", representing days, hours, minutes, or seconds respectively. |
caas.cors.allow-credentials-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.lang.Boolean> |
Default | |
Description | Map of whether user credentials are supported, based on URL patterns. Example: caas.cors.allow-credentials-for-url-pattern[/**]=true See org.springframework.web.util.pattern.PathPattern> for the syntax of allowed path patterns. |
caas.cors.allowed-headers-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
Default | [/**]=* |
Description | Map of headers that a pre-flight request can list as allowed for use during an actual request, based on URL patterns. A header name is not required to be listed if it is one of: Cache-Control, Content-Language, Expires, Last-Modified or Pragma. Example: caas.cors.allowed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns. |
caas.cors.allowed-methods-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
Default | |
Description | Map of HTTP methods to allow, based on URL patterns. Example: caas.cors.allowed-methods-for-url-pattern[/**]=GET,POST,PUT See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns. |
caas.cors.allowed-origins-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
Default | |
Description | Map of origins to allow, based on URL patterns. Example: caas.cors.allowed-origins-for-url-pattern[/**]=https://domain1.com,https://domain2.com See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns. |
caas.cors.disable-protection
| |
Type | java.lang.Boolean |
Default | false |
Description | Disable CORS configuration completely. Disabling CORS results effectively in an 'allow all CORS policy'. |
caas.cors.exposed-headers-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.util.List<java.lang.String>> |
Default | |
Description | Map of response headers other than simple headers (i.e. Cache-Control, Content-Language, Content-Type, Expires, Last-Modified or Pragma) that an actual response might have and can be exposed, based on URL patterns. Example: caas.cors.exposed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns. |
caas.cors.fallback.allow-credentials
| |
Type | java.lang.Boolean |
Default | true |
Description | Allow credentials flag to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowCredentials(Boolean) |
caas.cors.fallback.allowed-methods
| |
Type | java.util.List<java.lang.String> |
Default | GET,POST,OPTIONS |
Description | The fallback allowed methods to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowedMethods(List) |
caas.cors.fallback.allowed-origin
| |
Type | java.lang.String |
Default | |
Description | A fallback allowed origin to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. This may be used to easily configure a minimal CORS config consisting of the FQDN, which is usually set via environment variables. @see org.springframework.web.cors.CorsConfiguration#setAllowedOrigins(List) |
caas.cors.max-age-for-url-pattern
| |
Type | java.util.Map<java.lang.String,java.time.Duration> |
Default | |
Description | Map of how long, as a duration, the response from a pre-flight request can be cached by clients, based on URL patterns. Example: caas.cors.max-age-for-url-pattern[/**]=3m See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns. |
caas.expose-extensions
| |
Type | java.lang.Boolean |
Default | false |
Description | Set to true to expose extensions as described by the GraphQL spec. |
caas.forward-cookies
| |
Type | java.lang.Boolean |
Default | false |
Description | Enables http cookie forwarding of incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by '/preview') and cae remote link resolving. |
caas.forward-header-names
| |
Type | java.util.List<java.lang.String> |
Default | |
Description | Comaseparated enumeration of http headernames to be forwarded for incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by /preview) and cae remote link resolving. |
caas.graphql-restmapping-controller.enabled
| |
Type | java.lang.Boolean |
Default | true |
Description | En-/disable REST mapping controller. Enabled by default (true). |
caas.log-requests
| |
Type | java.lang.Boolean |
Default | false |
Description | Enables logging for HTTP requests (excluding OPTIONS) |
caas.media-cache-time
| |
Type | java.time.Duration |
Default | 365d |
Description | Maximum cache time to set in the com.coremedia.caas.web.controller.MediaController responses via the Cache-Control max-age header. |
caas.media-no-transform
| |
Type | java.lang.Boolean |
Default | true |
Description | Flag to set no-transform value for Cache-Control header in the Media Controller responses |
caas.preview
| |
Type | java.lang.Boolean |
Default | false |
Description | Enables preview mode |
caas.rest.jslt-enabled
| |
Type | java.lang.Boolean |
Default | true |
Description | En/disables the JSLT transformation processor on REST endpoints |
caas.rest.jslt-transformations-pattern
| |
Type | java.lang.String |
Default | classpath*:transformations/*.jslt |
Description | Returns the path pattern where to find the jslt transformation resources within headless. |
caas.rest.num-threads
| |
Type | java.lang.Integer |
Default | 5 |
Description | Number of threads for the thread pool of the request executor |
caas.rest.query-mapping-pattern
| |
Type | java.lang.String |
Default | classpath*:graphql/rest-mapping/*.properties |
Description | Returns the path pattern where to find rest mapping resources within headless. |
caas.site-filter-config-properties.excluded-field-names
| |
Type | java.util.Collection<java.lang.String> |
Default | [localizedVariant, localizedVariants, derivedSites] |
Description | Fields to be excluded from site restrictions check. To disable all fields (thus prohibiting all objects not belonging to the filtered site), add the config property without any field names (=empty list). Adding additional fields requires to add the defaults as mentioned above to the config property! Defaults to "localizedVariant", "localizedVariants" and "derivedSites". |
caas.strict-transport-security-header.include-subdomains
| |
Type | java.lang.Boolean |
Default | true |
Description | If true, adds the 'includeSubdomains' flag to the Strict-Transport-Security HTTP response header. |
caas.strict-transport-security-header.max-age
| |
Type | java.lang.Integer |
Default | 63072000 |
Description | Max-Age of the Strict-Transport-Security HTTP response header in seconds, e.g. max-age=63072000. |
caas.strict-transport-security-header.preload
| |
Type | java.lang.Boolean |
Default | false |
Description | If true, adds the 'preload' flag to the Strict-Transport-Security HTTP response header. |
caas.swagger.enabled
| |
Type | java.lang.Boolean |
Default | false |
Description | Enables Swagger. |
Table 3.14. Headless Server Properties