X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FDefaultSettings.php;h=87ca0168bde1d7ce9554590bb20dab43d7dec5bb;hb=e83db4f33702a440dc6e16afc93d16cabf70e55e;hp=0e98e33b016f9d4c7849d006b878e6cbacea2a45;hpb=744629032a2fa1d7a78d57bb0e8eb1101212e448;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 0e98e33b01..87ca0168bd 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -5669,6 +5669,7 @@ $wgRateLimits = [
 	'edit' => [
 		'ip' => [ 8, 60 ],
 		'newbie' => [ 8, 60 ],
+		'user' => [ 90, 60 ],
 	],
 	// Page moves
 	'move' => [
@@ -7863,10 +7864,6 @@ $wgActionFilteredLogs = [
 		'autocreate' => [ 'autocreate' ],
 		'byemail' => [ 'byemail' ],
 	],
-	'patrol' => [
-		'patrol' => [ 'patrol' ],
-		'autopatrol' => [ 'autopatrol' ],
-	],
 	'protect' => [
 		'protect' => [ 'protect' ],
 		'modify' => [ 'modify' ],
@@ -8751,6 +8748,34 @@ $wgMaxUserDBWriteDuration = false;
  */
 $wgMaxJobDBWriteDuration = false;
 
+/**
+ * Controls Content-Security-Policy header [Experimental]
+ *
+ * @see https://www.w3.org/TR/CSP2/
+ * @since 1.32
+ * @var bool|array true to send default version, false to not send.
+ *  If an array, can have parameters:
+ *  'default-src' If true or array (of additional urls) will set a default-src
+ *    directive, which limits what places things can load from. If false or not
+ *    set, will send a default-src directive allowing all sources.
+ *  'includeCORS' If true or not set, will include urls from
+ *    $wgCrossSiteAJAXdomains as an allowed load sources.
+ *  'unsafeFallback' Add unsafe-inline as a script source, as a fallback for
+ *    browsers that do not understand nonce-sources [default on].
+ *  'script-src' Array of additional places that are allowed to have JS be loaded from.
+ *  'report-uri' true to use MW api [default], false to disable, string for alternate uri
+ * @warning May cause slowness on windows due to slow random number generator.
+ */
+$wgCSPHeader = false;
+
+/**
+ * Controls Content-Security-Policy-Report-Only header
+ *
+ * @since 1.32
+ * @var bool|array Same as $wgCSPHeader
+ */
+$wgCSPReportOnlyHeader = false;
+
 /**
  * Mapping of event channels (or channel categories) to EventRelayer configuration.
  *