[feature] Add HTTP header permission section to frontend (#2893)

* [feature] Add HTTP header filter section to frontend * tweak naming a bit
2025-10-28 16:12:25 -05:00 · 2024-05-05 13:47:22 +02:00 · 2024-05-05 13:47:22 +02:00 · 6171dcbe51
commit 6171dcbe51
parent 35b1c54bde
27 changed files with 986 additions and 68 deletions
--- a/docs/configuration/advanced.md
+++ b/docs/configuration/advanced.md
@ -163,4 +163,23 @@ advanced-sender-multiplier: 2
 # Example: ["s3.example.org", "some-bucket-name.s3.example.org"]
 # Default: []
 advanced-csp-extra-uris: []
+
+# String. HTTP request header filtering mode to use for this instance.
+#
+# "block" -- only requests that are explicitly blocked by header filters
+#            will be denied (unless they are also explicitly allowed).
+#
+# "allow" -- only requests that are explicitly allowed by header filters
+#            will be accepted (unless they are also explicitly blocked).
+#            This mode is considered experimental and will almost certainly
+#            break access to your instance unless you are very careful.
+#
+#   ""    -- request header filtering disabled.
+#
+# For more details on block and allow modes, check the documentation at:
+# https://docs.gotosocial.org/en/latest/admin/request_filtering_modes
+#
+# Options: ["block", "allow", ""]
+# Default: ""
+advanced-header-filter-mode: ""
 ```