|
@@ -116,10 +116,11 @@ server:
|
116
|
116
|
|
117
|
117
|
websockets:
|
118
|
118
|
# Restrict the origin of WebSocket connections by matching the "Origin" HTTP
|
119
|
|
- # header. This settings makes oragono reject every WebSocket connection,
|
120
|
|
- # except when it originates from one of the hosts in this list. Use this to
|
121
|
|
- # prevent malicious websites from making their visitors connect to oragono
|
122
|
|
- # without their knowledge. An empty list means that there are no restrictions.
|
|
119
|
+ # header. This setting causes oragono to reject websocket connections unless
|
|
120
|
+ # they originate from a page on one of the whitelisted websites in this list.
|
|
121
|
+ # This prevents malicious websites from making their visitors connect to your
|
|
122
|
+ # oragono instance without their knowledge. An empty list means there are no
|
|
123
|
+ # restrictions.
|
123
|
124
|
allowed-origins:
|
124
|
125
|
# - "https://oragono.io"
|
125
|
126
|
# - "https://*.oragono.io"
|
|
@@ -136,9 +137,9 @@ server:
|
136
|
137
|
# already up and running is problematic).
|
137
|
138
|
casemapping: "precis"
|
138
|
139
|
|
139
|
|
- # enforce-utf8 controls whether the server allows non-UTF8 bytes in messages
|
140
|
|
- # (as in traditional IRC) or preemptively discards non-UTF8 messages (since
|
141
|
|
- # they cannot be relayed to websocket clients).
|
|
140
|
+ # enforce-utf8 controls whether the server will preemptively discard non-UTF8
|
|
141
|
+ # messages (since they cannot be relayed to websocket clients), or will allow
|
|
142
|
+ # them and relay them to non-websocket clients (as in traditional IRC).
|
142
|
143
|
enforce-utf8: true
|
143
|
144
|
|
144
|
145
|
# whether to look up user hostnames with reverse DNS. there are 3 possibilities:
|
|
@@ -185,8 +186,8 @@ server:
|
185
|
186
|
available-to-chanops: true
|
186
|
187
|
|
187
|
188
|
# IPs/CIDRs the PROXY command can be used from
|
188
|
|
- # this should be restricted to localhost (127.0.0.1/8, ::1/128, and unix sockets),
|
189
|
|
- # unless you have a good reason. you should also add these addresses to the
|
|
189
|
+ # This should be restricted to localhost (127.0.0.1/8, ::1/128, and unix sockets).
|
|
190
|
+ # Unless you have a good reason. you should also add these addresses to the
|
190
|
191
|
# connection limits and throttling exemption lists.
|
191
|
192
|
proxy-allowed-from:
|
192
|
193
|
- localhost
|
|
@@ -439,13 +440,11 @@ accounts:
|
439
|
440
|
additional-nick-limit: 2
|
440
|
441
|
|
441
|
442
|
# method describes how nickname reservation is handled
|
442
|
|
- # strict: don't let the user change to the registered nickname unless they're
|
443
|
|
- # already logged-in using SASL or NickServ
|
|
443
|
+ # strict: users must already be logged in to their account (via
|
|
444
|
+ # SASL, PASS account:password, or /NickServ IDENTIFY)
|
|
445
|
+ # in order to use their reserved nickname(s)
|
444
|
446
|
# optional: no enforcement by default, but allow users to opt in to
|
445
|
447
|
# the enforcement level of their choice
|
446
|
|
- #
|
447
|
|
- # 'optional' matches the behavior of other NickServs, but 'strict' is
|
448
|
|
- # preferable if all your users can enable SASL.
|
449
|
448
|
method: strict
|
450
|
449
|
|
451
|
450
|
# allow users to set their own nickname enforcement status, e.g.,
|