diff options
author | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-08-15 18:30:20 +0300 |
---|---|---|
committer | Ivan Tashkinov <ivantashkinov@gmail.com> | 2020-08-15 18:30:20 +0300 |
commit | 60ac83a4c196233ed13c3da9ca296b0a4224e9a3 (patch) | |
tree | fd26e163248392904d100f2413399372f090c4c2 /CHANGELOG.md | |
parent | 95529ab709b14acbf0b4ef2c17a76e0540e1e84e (diff) |
[#2046] Added test for pleroma/restrict_unauthenticated defaults on private instance. Updated docs and changelog.
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a8e80eb3c..d0fa138df 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Configuration: `:media_proxy, whitelist` format changed to host with scheme (e.g. `http://example.com` instead of `example.com`). Domain format is deprecated. - **Breaking:** Configuration: `:instance, welcome_user_nickname` moved to `:welcome, :direct_message, :sender_nickname`, `:instance, :welcome_message` moved to `:welcome, :direct_message, :message`. Old config namespace is deprecated. - **Breaking:** LDAP: Fallback to local database authentication has been removed for security reasons and lack of a mechanism to ensure the passwords are synchronized when LDAP passwords are updated. +- **Breaking** Changed defaults for `:restrict_unauthenticated` so that when `:instance, :public` is set to `false` then all `:restrict_unauthenticated` items be effectively set to `true`. If you'd like to allow unauthenticated access to specific API endpoints on a private instance, please explicitly set `:restrict_unauthenticated` to non-default value in `config/prod.secret.exs`. <details> <summary>API Changes</summary> |