projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
10144: call object_for_dataclass only when attr value is not-nil.
[arvados.git] / apps / workbench / config / application.default.yml
diff --git a/apps/workbench/config/application.default.yml b/apps/workbench/config/application.default.yml
index dd499772e47d95bb8a9abc8af9addd8ccecdb1be..e4e27829866a0748558efdd639496b4a420fb510 100644 (file)
--- a/apps/workbench/config/application.default.yml
+++ b/apps/workbench/config/application.default.yml
@@ -213,9 +213,16 @@ common:
   # when anonymous_user_token is configured, show public projects page
   enable_public_projects_page: true
 
+  # by default, disable the "Getting Started" popup which is specific to the public beta install
+  enable_getting_started_popup: false
+
   # Ask Arvados API server to compress its response payloads.
   api_response_compression: true
 
+  # Timeouts for API requests.
+  api_client_connect_timeout: 120
+  api_client_receive_timeout: 300
+
   # ShellInABox service endpoint URL for a given VM.  If false, do not
   # offer web shell logins.
   #
@@ -228,7 +235,7 @@ common:
 
   # Format of preview links. If false, use keep_web_download_url
   # instead, and disable inline preview. If both are false, use
-  # Workbench's built-in download mechanism.
+  # Workbench's built-in file download/preview mechanism.
   #
   # Examples:
   # keep_web_url: https://%{uuid_or_pdh}.collections.uuid_prefix.arvadosapi.com
@@ -242,8 +249,10 @@ common:
   # Format of download links. If false, use keep_web_url with
   # disposition=attachment query param.
   #
-  # The host here should match the -attachment-only-host argument
-  # given to keep-web.
+  # The host part of the keep_web_download_url value here must match
+  # the -attachment-only-host argument given to keep-web: if
+  # keep_web_download_url is "https://FOO.EXAMPLE/c=..." then keep-web
+  # must run with "-attachment-only-host=FOO.EXAMPLE".
   #
   # If keep_web_download_url is false, and keep_web_url uses a
   # single-origin form, then Workbench will show an error page
@@ -252,3 +261,28 @@ common:
   # Example:
   # keep_web_download_url: https://download.uuid_prefix.arvadosapi.com/c=%{uuid_or_pdh}
   keep_web_download_url: false
+
+  # In "trust all content" mode, Workbench will redirect download
+  # requests to keep-web, even in the cases when keep-web would have
+  # to expose XSS vulnerabilities in order to handle the redirect.
+  #
+  # When enabling this setting, the -trust-all-content flag on the
+  # keep-web server must also be enabled.  For more detail, see
+  # https://godoc.org/github.com/curoverse/arvados/services/keep-web
+  #
+  # This setting has no effect in the recommended configuration, where
+  # the host part of keep_web_url begins with %{uuid_or_pdh}: in this
+  # case XSS protection is provided by browsers' same-origin policy.
+  #
+  # The default setting (false) is appropriate for a multi-user site.
+  trust_all_content: false
+
+  # Maximum number of historic log records of a running job to fetch
+  # and display in the Log tab, while subscribing to web sockets.
+  running_job_log_records_to_fetch: 2000
+
+  # In systems with many shared projects, loading of dashboard and topnav
+  # cab be slow due to collections indexing; use the following parameters
+  # to suppress these properties
+  show_recent_collections_on_dashboard: true
+  show_user_notifications: true