* $wgTiffThumbnailType = [ 'jpg', 'image/jpeg' ];
* @endcode
*/
-$wgTiffThumbnailType = false;
+$wgTiffThumbnailType = [];
/**
* If rendered thumbnail files are older than this timestamp, they
* although they are sometimes still referred to as Squid settings for
* historical reasons.
*
- * Achieving a high hit ratio with an HTTP proxy requires special
- * configuration. See https://www.mediawiki.org/wiki/Manual:Squid_caching for
- * more details.
+ * Achieving a high hit ratio with an HTTP proxy requires special configuration.
+ * See https://www.mediawiki.org/wiki/Manual:Performance_tuning#Page_view_caching
+ * for more details.
*
* @{
*/
/**
* Enable/disable CDN.
- * See https://www.mediawiki.org/wiki/Manual:Squid_caching
+ *
+ * See https://www.mediawiki.org/wiki/Manual:Performance_tuning#Page_view_caching
*
* @since 1.34 Renamed from $wgUseSquid.
*/
$wgUseCdn = false;
-/**
- * If you run Squid3 with ESI support, enable this (default:false):
- * @deprecated in 1.33. This was a now-defunct experimental feature.
- */
-$wgUseESI = false;
-
/**
* Add X-Forwarded-Proto to the Vary and Key headers for API requests and
* RSS/Atom feeds. Use this if you have an SSL termination setup
$wgLegacyJavaScriptGlobals = true;
/**
- * If set to a positive number, ResourceLoader will not generate URLs whose
- * query string is more than this many characters long, and will instead use
- * multiple requests with shorter query strings. This degrades performance,
- * but may be needed if your web server has a low (less than, say 1024)
- * query string length limit or a low value for suhosin.get.max_value_length
- * that you can't increase.
+ * ResourceLoader will not generate URLs whose query string is more than
+ * this many characters long, and will instead use multiple requests with
+ * shorter query strings. This degrades performance, but may be needed based
+ * on the query string limit supported by your web server and/or your user's
+ * web browsers.
*
- * If set to a negative number, ResourceLoader will assume there is no query
- * string length limit.
- *
- * Defaults to a value based on php configuration.
+ * @since 1.17
+ * @var int
*/
-$wgResourceLoaderMaxQueryLength = false;
+$wgResourceLoaderMaxQueryLength = 2000;
/**
* If set to true, JavaScript modules loaded from wiki pages will be parsed
* The checks supported by core are:
* - MinimalPasswordLength - Minimum length a user can set.
* - MinimumPasswordLengthToLogin - Passwords shorter than this will
- * not be allowed to login, regardless if it is correct.
+ * not be allowed to login, or offered a chance to reset their password
+ * as part of the login workflow, regardless if it is correct.
* - MaximalPasswordLength - maximum length password a user is allowed
* to attempt. Prevents DoS attacks with pbkdf2.
* - PasswordCannotMatchUsername - Password cannot match the username.
* Deprecated since 1.33. Use PasswordNotInLargeBlacklist instead.
* - PasswordNotInLargeBlacklist - Password not in best practices list of
* 100,000 commonly used passwords. Due to the size of the list this
- * is a probabilistic test.
+ * is a probabilistic test.
*
* If you add custom checks, for Special:PasswordPolicies to display them correctly,
* every check should have a corresponding passwordpolicies-policy-<check> message,
'bureaucrat' => [
'MinimalPasswordLength' => 10,
'MinimumPasswordLengthToLogin' => 1,
- 'PasswordNotInLargeBlacklist' => true,
],
'sysop' => [
'MinimalPasswordLength' => 10,
'MinimumPasswordLengthToLogin' => 1,
- 'PasswordNotInLargeBlacklist' => true,
],
'interface-admin' => [
'MinimalPasswordLength' => 10,
'MinimumPasswordLengthToLogin' => 1,
- 'PasswordNotInLargeBlacklist' => true,
],
'bot' => [
'MinimalPasswordLength' => 10,
'MinimumPasswordLengthToLogin' => 1,
- 'PasswordNotInLargeBlacklist' => true,
],
'default' => [
'MinimalPasswordLength' => [ 'value' => 1, 'suggestChangeOnLogin' => true ],
'PasswordCannotMatchUsername' => [ 'value' => true, 'suggestChangeOnLogin' => true ],
'PasswordCannotMatchBlacklist' => [ 'value' => true, 'suggestChangeOnLogin' => true ],
'MaximalPasswordLength' => [ 'value' => 4096, 'suggestChangeOnLogin' => true ],
+ 'PasswordNotInLargeBlacklist' => [ 'value' => true, 'suggestChangeOnLogin' => true ],
],
],
'checks' => [
'wllimit' => 250,
'useeditwarning' => 1,
'prefershttps' => 1,
+ 'requireemail' => 0,
];
/**
],
];
+/**
+ * Temporary feature flag that controls whether users will see a checkbox allowing them to
+ * require providing email during password resets.
+ *
+ * @deprecated This feature is under development, don't assume this flag's existence or function
+ * outside of MediaWiki.
+ */
+$wgAllowRequiringEmailForResets = false;
+
/** @} */ # end user accounts }
/************************************************************************//**
/**
* Allow sysops to ban users from accessing Emailuser
+ * @deprecated since 1.34; `$wgGroupPermissions['sysop']['blockemail'] = true;`
+ * should be used instead
*/
$wgSysopEmailBans = true;
# $wgGroupPermissions['sysop']['deletelogentry'] = true;
# $wgGroupPermissions['sysop']['deleterevision'] = true;
// To hide usernames from users and Sysops
-# $wgGroupPermissions['suppress']['hideuser'] = true;
+$wgGroupPermissions['suppress']['hideuser'] = true;
// To hide revisions/log items from users and Sysops
-# $wgGroupPermissions['suppress']['suppressrevision'] = true;
+$wgGroupPermissions['suppress']['suppressrevision'] = true;
// To view revisions/log items hidden from users and Sysops
-# $wgGroupPermissions['suppress']['viewsuppressed'] = true;
+$wgGroupPermissions['suppress']['viewsuppressed'] = true;
// For private suppression log access
-# $wgGroupPermissions['suppress']['suppressionlog'] = true;
+$wgGroupPermissions['suppress']['suppressionlog'] = true;
+// Basic rights for revision delete
+$wgGroupPermissions['suppress']['deleterevision'] = true;
+$wgGroupPermissions['suppress']['deletelogentry'] = true;
/**
* The developer group is deprecated, but can be activated if need be
* which case there is a possibility of an attacker discovering the names of revdeleted users, so
* it is best to use this in conjunction with $wgSecretKey being set).
*/
-$wgCookieSetOnAutoblock = false;
+$wgCookieSetOnAutoblock = true;
/**
* Whether to set a cookie when a logged-out user is blocked. Doing so means that a blocked user,
* case there is a possibility of an attacker discovering the names of revdeleted users, so it
* is best to use this in conjunction with $wgSecretKey being set).
*/
-$wgCookieSetOnIpBlock = false;
+$wgCookieSetOnIpBlock = true;
/** @} */ # end of cookie settings }
* handling is less robust and less flexible.
*
* @since 1.21
+ * @deprecated since 1.34, and should always be set true.
*/
$wgContentHandlerUseDB = true;
*/
$wgXmlDumpSchemaVersion = XML_DUMP_SCHEMA_VERSION_10;
-/**
- * Actor table schema migration stage.
- *
- * Use the SCHEMA_COMPAT_XXX flags. Supported values:
- * - SCHEMA_COMPAT_OLD
- * - SCHEMA_COMPAT_WRITE_BOTH | SCHEMA_COMPAT_READ_OLD
- * - SCHEMA_COMPAT_WRITE_BOTH | SCHEMA_COMPAT_READ_NEW
- * - SCHEMA_COMPAT_NEW
- *
- * Note that reading the old and new schema at the same time is not supported
- * in 1.32, but was (with significant query performance issues) in 1.31.
- *
- * @since 1.31
- * @since 1.32 changed allowed flags
- * @var int An appropriate combination of SCHEMA_COMPAT_XXX flags.
- */
-$wgActorTableSchemaMigrationStage = SCHEMA_COMPAT_NEW;
-
/**
* Flag to enable Partial Blocks. This allows an admin to prevent a user from editing specific pages
* or namespaces.
*/
$wgNativeImageLazyLoading = false;
+/**
+ * Option to whether serve the main page as the domain root
+ *
+ * @warning EXPERIMENTAL!
+ *
+ * @since 1.34
+ * @var bool
+ */
+$wgMainPageIsDomainRoot = false;
+
/**
* For really cool vim folding this needs to be at the end:
* vim: foldmarker=@{,@} foldmethod=marker