close

Filter

loading table of contents...

Deployment Manual / Version 2307

Table Of Contents

3.3.1 Headless Server Spring Boot Properties

caas.graphql.introspection-enabled
Type java.lang.Boolean
Default false
Description

Enable graphql schema introspection. Disabled by default, enabled for preview mode.

caas.graphql.max-execution-timeout
Type java.time.Duration
Default 0
Description

Limits the allowed execution time for a query, set in milliseconds. 0 = no timeout.

caas.graphql.max-query-complexity
Type java.lang.Integer
Default 0
Description

Limits the complexity of a graphql query if set to a value greater than 0. 0 = off.

caas.graphql.max-query-depth
Type java.lang.Integer
Default 30
Description

Limits the depth of a graphql query if set to a value greater than 0. 0 = off.

caas.graphql.repository-path-exclude-patterns
Type java.util.List<java.lang.String>
Default [/Settings/Options/Settings/Internal/**, /Sites/**/Options/Settings/Internal/**, /Settings/Options/Settings/Feedback Hub, /Sites/**/Options/Settings/Feedback Hub, /Settings/Options/Settings/Content Hub, /Sites/**/Options/Settings/Content Hub, /Settings/Options/Settings/GlobalLink, /Settings/Options/Settings/Translation Services, /Sites/**/Options/Settings/Translation Services, /Settings/Options/Settings/Elastic Social Credentials]
Description

Repository paths excluded from retrieval via GraphQL endpoint. The paths may contain glob style expressions. Note, that the document name must be part of the path, if you do not use glob style expressions and want to protect a distinct document.

Examples:

   caas.graphql.repository-path-exclude-patterns[0]=/A/B/C/D   caas.graphql.repository-path-exclude-patterns[1]=/A/*/C/*   caas.graphql.repository-path-exclude-patterns[2]=/A/B/**   caas.graphql.repository-path-exclude-patterns[3]=/A/**/C/* 
caas.media.hash-property-names
Type java.util.List<java.lang.String>
Default [width, height, widthRatio, heightRatio]
Description

List of global or site specific transformation option names defined in image transformation settings whose values are to be considered to compute image hashes.

caas.search.cache.querylist-search-cache-for-seconds
Type java.lang.Integer
Default -1
Description

Time to cache query list search results in seconds. Set it to "-1" to deactivate the query list cache.

caas.search.cache.seconds
Type java.lang.Integer
Default -1
Description

Time to cache search query results in seconds. Set it to "-1" to deactivate the search-query cache.

caas.search.enabled
Type java.lang.Boolean
Default true
Description

Enable graphql search extensions.

caas.search.load-search-schema
Type java.lang.Boolean
Default true
Description

Load the GraphQL search schema extensions.

caas.search.max-search-limit
Type java.lang.Integer
Default 200
Description

Limit the count of search results hits. Defaults to 200.

caas.search.solr.collection
Type java.lang.String
Default preview
Description

Solr collection to use for CaaS search.

caas.stax.context-trace-enabled
Type java.lang.Boolean
Default false
Description

When 'true', wraps ContextHandlers and OutputHandlers while parsing in order to tracelog all parsing events. This is for debugging purposes only. Defaults to false. Additionally this requires the loglevel for 'com.coremedia.caas.richtext.stax.handler.output' to be set to trace level: logging.level.com.coremedia.caas.richtext.stax.handler.output = trace

caas.stax.max-aliases-for-collections
Type java.lang.Integer
Default 50
Description

Configures the maximum number of allowed yaml aliases used by snakeyaml instances while parsing rich text configurations. Defaults to 50.

caas.stax.suppress-root-tag
Type java.lang.Boolean
Default true
Description

When 'false', the root tag in the string result of a rich text transformation is not suppressed. Defaults to true.

caas.bypass-filter-predicates
Type null
Default false
Description If enabled, FilterPredicates my be ignored via request header 'X-Ignore-Filters'. If disabled, the header is ignored.
caas.cache-specs
Type java.util.Map<java.lang.String,java.lang.String>
Default  
Description

(Caffeine Cache) configuration: Cache specs by cache name.

Size based eviction:

  • maximumSize=[long] - eviction occurs when the configured size limit of the cache is exceeded

  • maximumWeight=[long] - The values are removed from the cache when the weight is exceeded

Time based eviction:

  • expireAfterWrite = entry is expired after period is passed since the last write occurs

  • expireAfterAccess = entry is expired after period is passed since the last read or write occurs

  • refreshAfterWrite = refresh entries after a defined period automatically

Durations are represented by an integer, followed by one of "d", "h", "m", or "s", representing days, hours, minutes, or seconds respectively.

caas.cors.allow-credentials-for-url-pattern
Type java.util.Map<java.lang.String,java.lang.Boolean>
Default  
Description

Map of whether user credentials are supported, based on URL patterns.

Example:

 caas.cors.allow-credentials-for-url-pattern[/**]=true 

See org.springframework.web.util.pattern.PathPattern> for the syntax of allowed path patterns.

caas.cors.allowed-headers-for-url-pattern
Type java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default [/**]=*
Description

Map of headers that a pre-flight request can list as allowed for use during an actual request, based on URL patterns.

A header name is not required to be listed if it is one of: Cache-Control, Content-Language, Expires, Last-Modified or Pragma.

Example:

 caas.cors.allowed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token 

See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns.

caas.cors.allowed-methods-for-url-pattern
Type java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default  
Description

Map of HTTP methods to allow, based on URL patterns.

Example:

 caas.cors.allowed-methods-for-url-pattern[/**]=GET,POST,PUT 

See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns.

caas.cors.allowed-origins-for-url-pattern
Type java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default  
Description

Map of origins to allow, based on URL patterns.

Example:

 caas.cors.allowed-origins-for-url-pattern[/**]=https://domain1.com,https://domain2.com 

See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns.

caas.cors.disable-protection
Type java.lang.Boolean
Default false
Description

Disable CORS configuration completely. Disabling CORS results effectively in an 'allow all CORS policy'.

caas.cors.exposed-headers-for-url-pattern
Type java.util.Map<java.lang.String,java.util.List<java.lang.String>>
Default  
Description

Map of response headers other than simple headers (i.e. Cache-Control, Content-Language, Content-Type, Expires, Last-Modified or Pragma) that an actual response might have and can be exposed, based on URL patterns.

Example:

 caas.cors.exposed-headers-for-url-pattern[/**]=x-requested-with,x-csrf-token 

See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns.

caas.cors.fallback.allow-credentials
Type java.lang.Boolean
Default true
Description

Allow credentials flag to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowCredentials(Boolean)

caas.cors.fallback.allowed-methods
Type java.util.List<java.lang.String>
Default GET,POST,OPTIONS
Description

The fallback allowed methods to be used for path pattern '/**', in the case that no specific CORS configuration exists at all. @see org.springframework.web.cors.CorsConfiguration#setAllowedMethods(List)

caas.cors.fallback.allowed-origin
Type java.lang.String
Default  
Description

A fallback allowed origin to be used for path pattern '/**', in the case that no specific CORS configuration exists at all.

This may be used to easily configure a minimal CORS config consisting of the FQDN, which is usually set via environment variables. @see org.springframework.web.cors.CorsConfiguration#setAllowedOrigins(List)

caas.cors.max-age-for-url-pattern
Type java.util.Map<java.lang.String,java.time.Duration>
Default  
Description

Map of how long, as a duration, the response from a pre-flight request can be cached by clients, based on URL patterns.

Example:

 caas.cors.max-age-for-url-pattern[/**]=3m 

See org.springframework.web.util.pattern.PathPattern for the syntax of allowed path patterns.

caas.expose-extensions
Type java.lang.Boolean
Default false
Description

Set to true to expose extensions as described by the GraphQL spec.

caas.forward-cookies
Type java.lang.Boolean
Default false
Description

Enables http cookie forwarding of incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by '/preview') and cae remote link resolving.

caas.forward-header-names
Type java.util.List<java.lang.String>
Default  
Description

Comaseparated enumeration of http headernames to be forwarded for incoming requests on endpoint 'graphql' and for persisted queries on '/caas/v1/*' towards outgoing, secondary requests to 'graphql' (triggered by /preview) and cae remote link resolving.

caas.graphql-restmapping-controller.enabled
Type java.lang.Boolean
Default true
Description

En-/disable REST mapping controller. Enabled by default (true).

caas.log-requests
Type java.lang.Boolean
Default false
Description

Enables logging for HTTP requests (excluding OPTIONS)

caas.media-cache-time
Type java.time.Duration
Default 365d
Description

Maximum cache time to set in the com.coremedia.caas.web.controller.MediaController responses via the Cache-Control max-age header.

caas.media-no-transform
Type java.lang.Boolean
Default true
Description

Flag to set no-transform value for Cache-Control header in the Media Controller responses

caas.preview
Type java.lang.Boolean
Default false
Description

Enables preview mode

caas.rest.jslt-enabled
Type java.lang.Boolean
Default true
Description

En/disables the JSLT transformation processor on REST endpoints

caas.rest.jslt-transformations-pattern
Type java.lang.String
Default classpath*:transformations/*.jslt
Description

Returns the path pattern where to find the jslt transformation resources within headless.

caas.rest.num-threads
Type java.lang.Integer
Default 5
Description

Number of threads for the thread pool of the request executor

caas.rest.query-mapping-pattern
Type java.lang.String
Default classpath*:graphql/rest-mapping/*.properties
Description

Returns the path pattern where to find rest mapping resources within headless.

caas.site-filter-config-properties.excluded-field-names
Type java.util.Collection<java.lang.String>
Default [localizedVariant, localizedVariants, derivedSites]
Description

Fields to be excluded from site restrictions check.

To disable all fields (thus prohibiting all objects not belonging to the filtered site), add the config property without any field names (=empty list).

Adding additional fields requires to add the defaults as mentioned above to the config property! Defaults to "localizedVariant", "localizedVariants" and "derivedSites".

caas.strict-transport-security-header.include-subdomains
Type java.lang.Boolean
Default true
Description

If true, adds the 'includeSubdomains' flag to the Strict-Transport-Security HTTP response header.

caas.strict-transport-security-header.max-age
Type java.lang.Integer
Default 63072000
Description

Max-Age of the Strict-Transport-Security HTTP response header in seconds, e.g. max-age=63072000.

caas.strict-transport-security-header.preload
Type java.lang.Boolean
Default false
Description

If true, adds the 'preload' flag to the Strict-Transport-Security HTTP response header.

caas.swagger.enabled
Type java.lang.Boolean
Default false
Description

Enables Swagger.

Table 3.14. Headless Server Properties


Search Results

Table Of Contents
warning

Your Internet Explorer is no longer supported.

Please use Mozilla Firefox, Google Chrome, or Microsoft Edge.