xwiki.properties.vm

# ---------------------------------------------------------------------------
# See the NOTICE file distributed with this work for additional
# information regarding copyright ownership.
#
# This is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this software; if not, write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
# ---------------------------------------------------------------------------

# This is the new XWiki configuration file. In the future it'll replace the old
# xwiki.cfg file. However right now it's only used by some XWiki components.
# As time progresses more and more component will get their configurations from
# this file.
# 
# This file come from one of those locations (in this order):
# * [since 9.3] /etc/xwiki/xwiki.properties
# * /WEB-INF/xwiki.properties in the web application resources

#-------------------------------------------------------------------------------------
# Core
#-------------------------------------------------------------------------------------

#-# [Since 1.8RC2]
#-# Specifies the default syntax to use when creating new documents.
#-# Default value is xwiki/2.1.
# core.defaultDocumentSyntax = xwiki/2.1

#-# [Since 2.4M1]
#-# Indicate if the rendering cache is enabled.
#-# Default value is false.
# core.renderingcache.enabled = true

#-# [Since 2.4M1]
#-# A list of Java regex patterns matching full documents reference.
# core.renderingcache.documents = wiki:Space\.Page
# core.renderingcache.documents = wiki:Space\..*
# core.renderingcache.documents = Space\.PageOnWhateverWiki

#-# [Since 2.4M1]
#-# The time (in seconds) after which data should be removed from the cache when not used.
#-# Default value is 300 (5 min).
# core.renderingcache.duration = 300

#-# [Since 2.4M1]
#-# The size of the rendering cache. Not that it's not the number of cached documents but the number of cached results.
#-# (For a single document several cache entries are created, because each action, language and request query string
#-# produces a unique rendering result)
#-# Default value is 100.
# core.renderingcache.size = 100

#-# [Since 7.2M2]
#-# Define which hierarchy is used between pages (for example inside the breadcrumb).
#-# Possible values are "reference" (default) or "parentchild".
#-# If "parentchild" is used, the hierachy is based on the parent/child relationship, which means that any document
#-# could be defined as the parent of an other document.
#-# If "reference" is used, then the children of a document must be placed inside this document. It's less flexible but
#-# more clear.
# core.hierarchyMode = reference

#-------------------------------------------------------------------------------------
# Environment
#-------------------------------------------------------------------------------------

#-# [Since 3.5M1, replaces the container.persistentDirectory property]
#-# The directory used to store persistent data (data that should persist across server restarts). This is an
#-# important directory containing important data and thus it should never be deleted (it should be backed-up along
#-# with the database).
#-# For example this is where the Extension Manager stores downloaded extensions (unless extension.localRepository
#-# property is configured to a different location).
#-#
#-# You can set:
#-# * an absolute path (recommended)
#-# * a relative path (not recommended at all)but in this case the directory will be relative to where the XWiki server
#-#   is started and thus the user under which XWiki is started will need write permissions for the current directory
#-#
#-# Note if the system property xwiki.data.dir is set then this property is not used.
#-# If neither the system property nor this configuration value here are set then the Servlet container's temporary
#-# directory is used; This is absolutely not recommended since that directory could be wiped out at any time and you
#-# should specify a value.
#if ($xwikiPropertiesEnvironmentPermanentDirectory)
environment.permanentDirectory = $xwikiPropertiesEnvironmentPermanentDirectory
#else
# environment.permanentDirectory = /var/lib/xwiki/data/
#end

#-------------------------------------------------------------------------------------
# Rendering
#-------------------------------------------------------------------------------------

#-# [Since 1.8RC2]
#-# Specifies how links labels are displayed when the user doesn't specify the label explicitly.
#-# Valid values:
#-#   %w: wiki name
#-#   %s: full space name (e.g. space1.space2)
#-#       Note: Prior to 7.4.2/8.0M2 this was only displaying the last space name
#-#   %ls: last space name. New in 7.4.2/8.0M2
#-#   %p: page name
#-#   %np: nested page name (i.e. will display the space name for Nested Pages). New in 7.4.2/8.0M2
#-#   %P: page name with spaces between camel case words, i.e. "My Page" if the page name is "MyPage"
#-#   %NP: nested page name with spaces between camel case words, i.e. "My Page" if the page name is "MyPage".
#-#        New in 7.4.2/8.0M2
#-#   %t: page title
#-#
#-# Note that if the page title is empty or not defined then it defaults to %np. This is also the case
#-# if the title cannot be retrieved for the document.
#-#
#-# The default is "%np". Some examples: "%s.%p", "%w:%s.%p".
# rendering.linkLabelFormat = %np

#-# [Since 2.0M3]
#-# Overrides default macro categories (Each macro has default categories already defined, for example
#-# "Navigation" for the Table of Contents Macro).
#-# Note: the categories are case sensitive.
#-#
#-# Ex: To redefine the macro categories for the TOC macro so that it'd be in the "My Category" and "Deprecated" 
#-# categories + redefine the category for the Script Macro to be "My Other Category", you'd use:
# rendering.transformation.macro.categories = toc = My Category\,Deprecated
# rendering.transformation.macro.categories = script = My Other Category

#-# [Since 14.8RC1]
#-# Override the default hidden macro categories.
#-# Note: the categories are case sensitive.
#-#
#-# The default value is:
# rendering.transformation.macro.hiddenCategories = Internal,Deprecated
#-#
#-# For instance, to make the "Development" category hidden by default, in addition to the "Internal" and
#-# "Deprecated" categories, you'd use:
# rendering.transformation.macro.hiddenCategories = Development,Internal,Deprecated

#-# [Since 2.5M2]
#-# Specify whether the image dimensions should be extracted from the image parameters and included in the image URL
#-# or not. When image dimensions are included in the image URL the image can be resized on the server side before being
#-# downloaded, improving thus the page loading speed.
#-#
#-# Default value is true.
# rendering.imageDimensionsIncludedInImageURL = true

#-# [Since 2.5M2]
#-# One way to improve page load speed is to resize images on the server side just before rendering the page. The
#-# rendering module can use the image width provided by the user to scale the image (See
#-# rendering.includeImageDimensionsInImageURL configuration parameter). When the user doesn't specify the image width
#-# the rendering module can limit the width of the image based on this configuration parameter.
#-#
#-# The default value is -1 which means image width is not limited by default. Use a value greater than 0 to limit the
#-# image width (pixels). Note that the aspect ratio is kept even when both the width and the height of the image are
#-# limited.
# rendering.imageWidthLimit = 1024
# rendering.imageWidthLimit = -1

#-# [Since 2.5M2]
#-# See rendering.imageWidthLimit
# rendering.imageHeightLimit = 768
# rendering.imageHeightLimit = -1

#-# [Since 2.5M2]
#-# InterWiki definitions in the format alias = URL
#-# See http://en.wikipedia.org/wiki/Interwiki_links for a definition of an InterWiki link
# Some examples:
# rendering.interWikiDefinitions = wikipedia = http://en.wikipedia.org/wiki/
# rendering.interWikiDefinitions = definition = http://www.yourdictionary.com/

#-# [Since 2.4M1]
#-# Change the Pygments style used in the code macro (see http://pygments.org/docs/styles/)
#-# If not set "default" style is used.
# rendering.macro.code.pygments.style = vs

#-# [Since 15.0RC1]
#-# [Since 14.10.2]
#-# The maximum size (in bytes) of attachment to allow as code macro source.
#-# 
#-# The default is:
# rendering.macro.code.source.attachmentMaximumSize = 1000000

#-------------------------------------------------------------------------------------
# Rendering Transformations
#-------------------------------------------------------------------------------------

#-# [Since 2.6RC1]
#-# Controls what transformations will be executed when rendering content.
#-# A transformation modifies the parsed content. For example the Icon transformation replaces some characters with
#-# icons, a WikiWord transformation will automatically create links when it finds wiki words, etc.
#-# Note that the Macro transformation is a special transformation that replaces macro markers by the result of the
#-# macro execution. If you don't list it, macros won't get executed.
#-# The default value is: macro, icon
#if ($xwikiRenderingTransformations)
rendering.transformations = $xwikiRenderingTransformations
#else
# rendering.transformations = macro, icon
#end

#-# [Since 2.6RC1]
#-# Icon Transformation Configuration
#-# Defines mappings between suite of characters and the icon to display when those characters are found.
#-# The format is: rendering.transformation.icon.mappings = <suite of characters> = <icon name>
#-# The following mappings are already predefined and you don't need to redefine them unless you wish to override them
#-# [Since 9.3RC1/8.4.5] To disable a default mapping, define it with an empty value. For example:
#-#   rendering.transformation.icon.mappings = (n) =
#-#
#-# rendering.transformation.icon.mappings = :) = emoticon_smile
#-# rendering.transformation.icon.mappings = :( = emoticon_unhappy
#-# rendering.transformation.icon.mappings = :P = emoticon_tongue
#-# rendering.transformation.icon.mappings = :D = emoticon_grin
#-# rendering.transformation.icon.mappings = ;) = emoticon_wink
#-# rendering.transformation.icon.mappings = (y) = thumb_up
#-# rendering.transformation.icon.mappings = (n) = thumb_down
#-# rendering.transformation.icon.mappings = (i) = information
#-# rendering.transformation.icon.mappings = (/) = accept
#-# rendering.transformation.icon.mappings = (x) = cancel
#-# rendering.transformation.icon.mappings = (!) = error
#-# rendering.transformation.icon.mappings = (+) = add
#-# rendering.transformation.icon.mappings = (-) = delete
#-# rendering.transformation.icon.mappings = (?) = help
#-# rendering.transformation.icon.mappings = (on) = lightbulb
#-# rendering.transformation.icon.mappings = (off) = lightbulb_off
#-# rendering.transformation.icon.mappings = (*) = star

#-------------------------------------------------------------------------------------
# LinkChecker Transformation
#-------------------------------------------------------------------------------------

#-# [Since 3.3M2]
#-# Defines the time (in ms) after which an external link should be checked again for validity.
#-# the default configuration is:
# rendering.transformation.linkchecker.timeout = 3600000

#-# [Since 5.3RC1]
#-# List of document references that are excluded from link checking, specified using regexes.
#-# the default configuration is:
# rendering.transformation.linkchecker.excludedReferencePatterns = .*:XWiki\.ExternalLinksJSON

#-------------------------------------------------------------------------------------
# Rendering Macros
#-------------------------------------------------------------------------------------

#-# Velocity Macro

#-# [Since 2.0M1]
#-# Defines which Velocity Filter to use by default. This offers the possibility to filter the Velocity macro content
#-# before and after the Velocity Engine execution.
#-# The following filters are available:
#-# - indent (the default): Remove all first whites spaces of lines to support source code indentation without
#-#          generating whitespaces in the resulting XDOM.
#-# - none: Doesn't change the content
#-# - html: Removes all leading and trailing white spaces and new lines. If you need a space you'll need to use
#-#         \$sp and if you need a new line you'll need to use \$nl
#-# rendering.macro.velocity.filter = indent

#-------------------------------------------------------------------------------------
# HTML Sanitization
#-------------------------------------------------------------------------------------

#-# [Since 14.6RC1]
#-# The HTML sanitization strategy to use for user-generated content to avoid JavaScript injection. The following
#-# strategies are available by default:
#-# - secure (default): Only allows known elements and attributes that are considered safe. The following options
#-#                     allow customizing its behavior.
#-# - insecure:         Allows everything including JavaScript. Use this only if you absolutely trust everybody who can
#-#                     write wiki syntax (in particular, all users, but also anonymous users commenting when enabled).
# xml.htmlElementSanitizer = secure

#-# [Since 14.6RC1]
#-# Comma-separated list of additional tags that should be allowed by the HTML sanitizer. These tags will be allowed
#-# in addition to the already extensive built-in list of tags that are considered safe. Use with care to avoid
#-# introducing security issues. By default, the following tags are allowed:
#-# HTML tags: https://github.com/xwiki/xwiki-commons/blob/99484d48e899a68a1b6e33d457825b776c6fe8c3/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/HTMLDefinitions.java#L63-L74
#-# SVG tags: https://github.com/xwiki/xwiki-commons/blob/b11eae9d82cb53f32962056b5faa73f3720c6182/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/SVGDefinitions.java#L91-L102
#-# MathML tags: https://github.com/xwiki/xwiki-commons/blob/b11eae9d82cb53f32962056b5faa73f3720c6182/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/MathMLDefinitions.java#L62-L64
# xml.htmlElementSanitizer.extraAllowedTags =

#-# [Since 14.6RC1]
#-# Comma-separated list of additional attributes that should be allowed by the HTML sanitizer. These attributes will
#-# be allowed in addition to the already extensive built-in list of attributes that are considered safe. This option
#-# is useful if your content uses attributes that are invalid in HTML. Use with care to avoid introducing security
#-# issues. By default, the following attributes are allowed:
#-# HTML attributes: https://github.com/xwiki/xwiki-commons/blob/99484d48e899a68a1b6e33d457825b776c6fe8c3/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/HTMLDefinitions.java#L76-L91
#-# SVG attributes: https://github.com/xwiki/xwiki-commons/blob/b11eae9d82cb53f32962056b5faa73f3720c6182/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/SVGDefinitions.java#L66-L89
#-# MathML attributes: https://github.com/xwiki/xwiki-commons/blob/b11eae9d82cb53f32962056b5faa73f3720c6182/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/MathMLDefinitions.java#L73-L79
#-# XML attributes: https://github.com/xwiki/xwiki-commons/blob/b11eae9d82cb53f32962056b5faa73f3720c6182/xwiki-commons-core/xwiki-commons-xml/src/main/java/org/xwiki/xml/internal/html/SecureHTMLElementSanitizer.java#L135
# xml.htmlElementSanitizer.extraAllowedAttributes =

#-# [Since 14.6RC1]
#-# Comma-separated list of tags that should be forbidden. This takes precedence over any tags allowed by default or
#-# configured above. This can be used, for example, to forbid video or audio elements.
# xml.htmlElementSanitizer.forbidTags =

#-# [Since 14.6RC1]
#-# Comma-separated list of attributes that should be forbidden. This takes precedence over any attributes allowed by
#-# default or configured above. This can be used, for example, to forbid inline styles by forbidding the "style"
#-# attribute.
# xml.htmlElementSanitizer.forbidAttributes =

#-# [Since 14.6RC1]
#-# If unknown protocols shall be allowed. This means all protocols like "xwiki:" will be allowed in links, however,
#-# script and data-URIs will still be forbidden (for data-URIs see also below).  By default, unknown protocols are
#-# allowed.
# xml.htmlElementSanitizer.allowUnknownProtocols = true

#-# [Since 14.6RC1]
#-# If unknown protocols are disallowed (see above), the (Java) regular expression URIs are matched against.
#-# The default values is ^(?:(?:f|ht)tps?|mailto|tel|callto|cid|xmpp):
# xml.htmlElementSanitizer.allowedUriRegexp = ^(?:(?:f|ht)tps?|mailto|tel|callto|cid|xmpp):

#-# [Since 14.6RC1]
#-# Comma-separated list of additional tags on which data-URIs should be allowed in "src", "xlink:href" or "href".
#-# Adding "a" here, for example, would allow linking to data-URIs which is disabled by default due to the potential of
#-# security issues. Modern browsers should mitigate them, though, see for example
#-# https://blog.mozilla.org/security/2017/11/27/blocking-top-level-navigations-data-urls-firefox-59/ so you could
#-# use this to allow defining images, PDF files or files to be downloaded inline as data-URIs in links.
# xml.htmlElementSanitizer.extraDataUriTags =

#-# [Since 14.6RC1]
#-# Comma-separated list of additional attributes that are considered safe for arbitrary content including
#-# script-URIs, on these attributes the above-mentioned URI-checks aren't used. Use with care to avoid introducing
#-# security issues.
# xml.htmlElementSanitizer.extraURISafeAttributes =

#-------------------------------------------------------------------------------------
# Cache
#-------------------------------------------------------------------------------------

#-# [Since 1.7M1]
#-# The standard cache component implementation to use (can be local or distributed depending on the implementation).
#-# The default standard cache implementation is Infinispan.
# cache.defaultCache = infinispan

#-# [Since 1.7M1]
#-# The local cache implementation to use.
#-# The default local cache implementation is Infinispan.
# cache.defaultLocalCache = infinispan/local

#-------------------------------------------------------------------------------------
# Settings for the OpenOffice server instance consumed by the OfficeImporter component
#-------------------------------------------------------------------------------------

#-# [Since 1.9M2]
#-# Type of the openoffice server instance used by officeimporter component.
#-# 0 - Internally managed server instance. (Default)
#-# 1 - Externally managed (local) server instance.
# openoffice.serverType = 0

#-# [Since 12.1RC1]
#-# Port numbers used for connecting to the openoffice server instance.
#-# For an internally managed server instance, it will create the process for all ports.
#-# For an externally managed server instance, only the first server port is taken into account.
# openoffice.serverPorts = 8100,8101

#-# [Since 1.9M2]
#-# If the openoffice server should be started / connected upon XE start.
#-# Default value is false
# openoffice.autoStart = false

#-# [Since 1.8RC3]
#-# Path to openoffice installation (serverType:0 only).
#-# If no path is provided, a default value will be calculated based on the operating environment.
# openoffice.homePath = /opt/openoffice.org3/

#-# [Since 1.8RC3]
#-# Path to openoffice execution profile (serverType:0 only).
#-# If no path is provided, a default value will be calculated based on the operating environment.
# openoffice.profilePath = /home/user/.openoffice.org/3

#-# [Since 1.8RC3]
#-# Maximum number of simultaneous conversion tasks to be handled by a single openoffice process (serverType:0 only).
#-# Default value is 50
# openoffice.maxTasksPerProcess = 50

#-# [Since 1.8RC3]
#-# Timeout for conversion tasks (in milliseconds) (serverType:0 only).
#-# Default value is 60 seconds
# openoffice.taskExecutionTimeout = 60000

#-# [Since 16.8.0]
#-# [Since 16.4.4]
#-# [Since 15.10.13]
#-# The output image format to use when importing an office presentation in XWiki.
# officeimporter.presentation.imageFormat = jpg

#-# [Since 16.8.0]
#-# [Since 16.4.4]
#-# [Since 15.10.13]
#-# Quality of the output image when importing an office presentation: the quality value is between 0 and 100.
#-# Be aware that this option overrides any filter configuration provided in custom-document-formats.json for html
#-# presentations. Also this configuration is ignored if the image format is png.
# officeimporter.presentation.quality = 95

#-# [Since 16.8.0]
#-# [Since 16.4.4]
#-# [Since 15.10.13]
#-# Width of the output image when importing an office presentation: the value is given in pixel.
# officeimporter.presentation.slideWidth = 1920

#-------------------------------------------------------------------------------------
# Velocity
#-------------------------------------------------------------------------------------

#-# [Since 2.0M1]
#-# Velocity Tools that will be available from your scripts. The format is
#-# velocity.tools = <name under which it'll be available in the context> = <class name>
#-# Default values (no need to add them)
#-#   velocity.tools = numbertool = org.xwiki.velocity.internal.XWikiNumberTool
#-#   velocity.tools = datetool = org.xwiki.velocity.internal.XWikiDateTool
#-#   velocity.tools = mathtool = org.xwiki.velocity.internal.XWikiMathTool
#-#   velocity.tools = escapetool = org.apache.velocity.tools.generic.EscapeTool
#-#   velocity.tools = regextool = org.xwiki.velocity.tools.RegexTool
#-#   velocity.tools = collectiontool = org.xwiki.velocity.tools.CollectionTool
#-#   velocity.tools = stringtool = org.xwiki.text.StringUtils
#-#   velocity.tools = jsontool = org.xwiki.velocity.tools.JSONTool
#-#   velocity.tools = urltool = org.xwiki.velocity.tools.URLTool
#-#   velocity.tools = exceptiontool = org.apache.commons.lang3.exception.ExceptionUtils
#-#   velocity.tools = niotool = org.xwiki.velocity.tools.nio.NIOTool
#-#   velocity.tools = logtool = org.apache.velocity.tools.generic.LogTool
#-#   velocity.tools = objecttool = org.xwiki.velocity.tools.ObjectTool
#-#   velocity.tools = listtool = org.apache.velocity.tools.generic.ListTool (deprecated)
#-#   velocity.tools = sorttool = org.apache.velocity.tools.generic.SortTool (deprecated)
#-#   velocity.tools = collectionstool = org.xwiki.velocity.tools.CollectionsTool (deprecated)

#-# [Since 2.0M1]
#-# Velocity configuration properties. The format is
#-# velocity.properties = <Velocity property name> = <value>
#-# Default values (no need to add them)
#-#   velocity.properties = resource.loader = xwiki
#-#   velocity.properties = xwiki.resource.loader.class = org.xwiki.velocity.XWikiWebappResourceLoader
#-#   velocity.properties = velocimacro.library = "/templates/macros.vm"
#-#   velocity.properties = velocimacro.max_depth = 100
#-#   velocity.properties = resource.manager.log_when_found = false
#-#   velocity.properties = velocimacro.inline.local_scope = true
#-#   velocity.properties = velocimacro.inline.replace_global = true
#-#   velocity.properties = directive.if.empty_check = false
#-#   velocity.properties = parser.space_gobbling = bc
#-#   velocity.properties = parser.allow_hyphen_in_identifiers = true
#-#   velocity.properties = velocimacro.enable_bc_mode = true
#-#   velocity.properties = context.scope_control.template = true
#-#   velocity.properties = context.scope_control.macro = true
#-#   velocity.properties = event_handler.include.class = org.xwiki.velocity.internal.util.RestrictParseLocationEventHandler
#-#   velocity.properties = runtime.introspection.uberspect = org.xwiki.velocity.introspection.SecureUberspector\,org.apache.velocity.util.introspection.DeprecatedCheckUberspector\,org.xwiki.velocity.introspection.MethodArgumentsUberspector\,org.xwiki.velocity.introspection.MethodOverrideUberspector

#-------------------------------------------------------------------------------------
# Groovy
#-------------------------------------------------------------------------------------

#-# [Since 4.1M1]
#-# Allows to specify Compiler customization for the Groovy execution engine.
#-# There's no customizers defined by default. Available customizer ids:
#-# - timedinterrupt: interrupt script execution if it takes longer than a given time (default to 1 minute)
#-# - secure: runs Groovy in a security sandbox
#-# groovy.compilationCustomizers = <list of customizer ids here>

#-# Timed Interrupt Customizer

#-# [Since 4.1M1]
#-# Default execution time for a script before a timeout occurs, in seconds.
#-# groovy.customizer.timedInterrupt.timeout = 60

#-------------------------------------------------------------------------------------
# Events distribution
#-------------------------------------------------------------------------------------

#-# [Since 2.0M3]
#-# Indicate if the network distribution module is enabled or not.
#-# By default remote events are disabled.
# observation.remote.enabled = false

#-# [Since 2.0M3]
#-# The list of events communication channels to start when the application starts.
#-# By default no channel is configured.
#-#
#-# The default remote event distribution implementation is using JGroups and you'll need to either use embedded
#-# JGroups configuration files or drop your custom configuration in the WEB-INF/observation/remote/jgroups/ directory.
#-# There's a README file in that directory with more information.
#-# Example: observation.remote.channels = public, cluster

#-# [Since 2.0M4]
#-# The implementation of network adapter to use.
#-# The default is jgroups.
#-#
#-# By default only jgroups is provided. To add one implements NetworkAdaptor component interface. The identifier
#-# provided in the configuration is matched with the component role hint.
#-# Example: observation.remote.networkadapter = jgroups

#-------------------------------------------------------------------------------------
# CSRF token component
#-------------------------------------------------------------------------------------

#-# [Since 2.5M2]
#-# Controls whether secret token validation mechanism should be used (to prevent CSRF attacks).
#-#
#-# If enabled, all actions requiring "comment", "edit", "delete", "admin" or "programming" rights
#-# will check that the parameter "form_token" with the value of a random secret token is present
#-# in the request.
#-#
#-# Valid values:
#-#   true : Enabled
#-#   false: Disabled
#-#
#-# Default value is true
# csrf.enabled = true

#-------------------------------------------------------------------------------------
# Jobs
#-------------------------------------------------------------------------------------

#-# [Since 4.0M1]
#-# The folder containing job executing status.
#-# The default is {environment.permanentDirectory}/jobs/
# job.statusFolder = /var/lib/xwiki/data/jobs/

#-# [Since 7.2M2]
#-# The maximum number of entries to put in the job status cache.
#-# The default is 50.
# job.statusCacheSize = 50

#-# [Since 12.5RC1]
#-# The maximum number of entries to put in cache for the GroupedJobInitializer components.
#-# The default is 100.
# job.groupedJobInitializerCacheSize = 100

#-# [Since 12.5RC1]
#-# The thread keep-alive time in milliseconds for the single job executor.
#-# This value defines how long a thread can be idle before being terminated by the executor.
#-# The default value is 60000 for 60 000ms.
# job.singleJobThreadKeepAliveTime = 60000

#-# [Since 12.5RC1]
#-# The thread keep-alive time in milliseconds for the grouped job executors.
#-# This value defines how long a thread can be idle before being terminated by an executor.
#-# The default value is 60000 for 60 000ms.
# job.groupedJobThreadKeepAliveTime = 60000

#-------------------------------------------------------------------------------------
# Extension Manager
#-------------------------------------------------------------------------------------

#-# [Since 2.5]
#-# Repositories to use when searching and downloading extensions.
#-# Repositories will be checked in the same order they have in this configuration file.
#-#
#-# The format is <id>:<type>:<url> where
#-# * id can be anything as long as there is only one
#-# * type is the type of the repository (maven, xwiki, etc.)
#-# * url is the URL or the root of the repository
#-#
#-# [Since 4.3] It's also possible to associate various properties to each repository.
#-# Here are the standard properties:
#-# * user: the user to use to authenticate to the repository
#-# * password: the password to use to authenticate to the repository
#-# 
#-# And here those for "maven" repositories:
#-# * [Since 10.7RC1] checksumPolicy: what to do when checksum validation fail. Possible values are "fail", "warn"
#-#   (the default) and "ignore"
#-# * [Since 13.0RC1] http.headers: Custom HTTP headers to be used when connecting to the maven repository.
#-#
#-# Here is an example:
# extension.repositories = privatemavenid:maven:http://host.com/private/maven/
# extension.repositories.privatemavenid.auth.user = someuser
# extension.repositories.privatemavenid.auth.password = thepassword
# extension.repositories.privatemavenid.http.headers.headername = headervalue
#-#
#-# Here's an example to add your local Maven Repository
## Note: Since this file is parsed by Velocity in the Maven Remote Resource plugin we need to escape the
## Apache Commons Configuration syntax for specifying the user.home system property!
#set ($userHome = '${sys:user.home}')
# extension.repositories = maven-local:maven:file://${userHome}/.m2/repository
#-#
#-# And an example to add the XWiki Maven Snapshot Repository
# extension.repositories = maven-xwiki-snapshot:maven:https://nexus-snapshots.xwiki.org/repository/snapshots/
#-#
#-# When not set the following is taken (in this order):
# extension.repositories = maven-xwiki:maven:https://nexus.xwiki.org/nexus/content/groups/public
# extension.repositories = store.xwiki.com:xwiki:https://store.xwiki.com/xwiki/rest/
# extension.repositories = extensions.xwiki.org:xwiki:https://extensions.xwiki.org/xwiki/rest/
#-#
#-# To not have any repository enabled (including disabling default repositories) you can explicitly make this list
#-# empty:
# extension.repositories=
#if ($xwikiExtensionRepositories)
#foreach ($extensionRepository in $xwikiExtensionRepositories.split(','))
extension.repositories = $extensionRepository
#end
#end

#-# [Since 2.5]
#-# The directory where extensions are stored after being downloaded.
#-#
#-# The default is {environment.permanentDirectory}/extension/repository.
# extension.localRepository=/var/lib/xwiki/data/extension/repository

#-# [Since 3.4]
#-# The user agent to use when communication with external services (generally repositories).
#-#
#-# The default is:
# extension.userAgent=XWikiExtensionManager

#-# [Since 7.1RC1]
#-# Some extensions considered now as flavor but released before the category exists
#-#
#if ($xwikiPropertiesExtensionOldFlavors)
#foreach($oldFlavor in $xwikiPropertiesExtensionOldFlavors.split(','))
extension.oldflavors=$oldFlavor.trim()
#end
#else
# extension.oldflavors=
#end

#-# [Since 8.3]
#-# Indicate if XWiki should try to find more informations about the core extension in the repositories.
#-#
#-# The default is:
# extension.core.resolve=true

#-# [Since 9.6]
#-# Indicate a list of pattern extension ids and the corresponding recommended version.
#-# This version will be used for dependencies matching the pattern and fallback on the version declared by the
#-# extension in case of failure.
#-#
#-# Here is an example:
# extension.recommendedVersions=org.xwiki.commons:.*/[9.6]
# extension.recommendedVersions=org.xwiki.rendering:.*/[9.6]
# extension.recommendedVersions=org.xwiki.platform:.*/[9.6]
# extension.recommendedVersions=com.mygroupid:.*/[1.9]

#-# [Since 9.9]
#-# Indicate whether the server should automatically check for new available environment versions.
#-#
#if ($xwikiPropertiesEnvironmentVersionCheck)
extension.versioncheck.environment.enabled=$xwikiPropertiesEnvironmentVersionCheck
#else
#-# The default is:
# extension.versioncheck.environment.enabled=false
#end
#-#
#-# If the version check is enabled (through extension.versioncheck.environment.enabled), the following properties
#-# can be used to customize how the version check is performed.
#-#
#-# Indicate the number of seconds between each check for a new version of the server.
#-# The default is:
# extension.versioncheck.environment.interval=3600
#-#
#-# Indicate a pattern that will be used to filter which version should be considered as a new version.
#-# By default, no pattern is given an the pattern is not applied.
#-# Example:
# extension.versioncheck.environment.allowedVersions=9.*

#-# [Since 10.5RC1]
#-# Indicate how extension documents are protected.
#-#
#-# The possible choices are:
#-# * none: no protection at all
#-# * warning (the default): everyone get a warning when trying to edit a protected document
#-# * deny = EDIT/DELETE right is denied for everyone except for admins who just get a warning
#-# * forcedDeny = EDIT/DELETE right is denied for everyone, admins can't force edit/delete
#-# * denySimple = EDIT/DELETE right is denied for simple users except for simple admins who just get a warning
#-# * forcedDenySimple = EDIT/DELETE right is denied for all simple users, simple admins can't force edit/delete
# extension.xar.protection=warning

#-# [Since 12.2RC and 11.10.4]
#-# Indicate a list of extension dependencies to ignore
#-# 
#-# The default list is:
# extension.ignoredDependencies=stax:stax
# extension.ignoredDependencies=javax.xml.stream:stax-api
# extension.ignoredDependencies=stax:stax-api
# extension.ignoredDependencies=xalan:xalan
# extension.ignoredDependencies=xalan:serializer
# extension.ignoredDependencies=xml-apis:xml-apis
# extension.ignoredDependencies=xerces:xmlParserAPIs

#-------------------------------------------------------------------------------------
# Extension Manager - Security
#-------------------------------------------------------------------------------------

#-# [Since 15.5RC1]
#-# When true, the security scan is enabled. This is the default; set to false to disable the scan.
#-#
# extension.security.scan.enabled = true

#-# [Since 15.5RC1]
#-# Specifies the delay before starting a new security scan after the last one has finished.
#-# The default value is 24 hours.
#-#
# extension.security.scan.delay = 24

#-# [Since 15.5RC1]
#-# Specifies the url to use as the endpoint for the security scan rest queries.
#-# The url must conform to the API documented here: https://google.github.io/osv.dev/post-v1-query/
#-# The default value is https://api.osv.dev/v1/query.
#-#
# extension.security.scan.url = https://api.osv.dev/v1/query

#-# [Since 15.6RC1]
#-# Specifies the url to use as the endpoint for the security scan false-positive fetching rest queries.
#-# The url must conform to the API documented here: http://e.x.o.doc...
#-# The default value is https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension/Security/Code/Reviews
#-#
# extension.security.reviews.url = https://extensions.xwiki.org/xwiki/bin/view/Extension/Extension/Security/Code/Reviews

#-------------------------------------------------------------------------------------
# Distribution Wizard
#-------------------------------------------------------------------------------------

#-# [Since 7.1RC1] Enable or disable the automatic start of Distribution Wizard on empty/outdated wiki.
#-#
#-# The default is:

# distribution.automaticStartOnMainWiki=true
# distribution.automaticStartOnWiki=true
#if ($xwikiPropertiesAutomaticStartOnMainWiki)
distribution.automaticStartOnMainWiki=$xwikiPropertiesAutomaticStartOnMainWiki
#end
#if ($xwikiPropertiesAutomaticStartOnWiki)
distribution.automaticStartOnWiki=$xwikiPropertiesAutomaticStartOnWiki
#end

#-# [Since 10.2RC1] Control if the Distribution Wizard should be automatic or interactive (the default)
#-# 
#-# On the main wiki
# distribution.job.interactive=true
#-# On the subwikis
# distribution.job.interactive.wiki=true

#-# [Since 10.2RC1] Override the default UI indicated in the "environment extension" (usually means the WAR).
#-# It usually make more sense to set that at the WAR level (since it's usually synchronized with it).
#-# If this is set it also means the Distribution Wizard will switch to default UI mode in which you cannot choose the
#-# flavor.
#-#
#-# The id[/version] of the default UI for the main wiki. If the version is not indicated it will be the version of the
#-# environment extension.
# distribution.defaultUI=org.my.groupid:artifactid-mainwiki/1.5
#-# The id[/version] default UI for the subwikis.  If the version is not indicated it will be the version of the
#-# environment extension.
# distribution.defaultWikiUI=org.my.groupid:artifactid-wiki/1.5

#-------------------------------------------------------------------------------------
# Solr Search
#-------------------------------------------------------------------------------------

#-# [Since 4.5M1]
#-# The Solr server type. Currently accepted values are "embedded" (default) and "remote".
# solr.type=embedded

#-# [Since 4.5M1]
#-# The location where the embedded Solr instance home folder is located.
#-# The default is the subfolder "store/solr" inside folder defined by the property "environment.permanentDirectory".
# solr.embedded.home=/var/local/xwiki/store/solr

#-# [Since 12.2]
#-# The URL of the Solr server (the root server and not the URL of a core).
#-# The default value assumes that the remote Solr server is started in a different process on the same machine,
#-# using the default port.
# solr.remote.baseURL=http://localhost:8983/solr

#-# [Since 12.6]
#-# The prefix to add in front on each remote core name to avoid collisions with non-XWiki cores.
#-# The default is "xwiki" which will produce names likes "xwiki_events" for example.
# solr.remote.corePrefix=xwiki

#-# [Since 5.1M1]
#-# Elements to index are not sent to the Solr server one by one but in batch to improve performances.
#-# It's possible to configure this behavior with the following properties:
#-#
#-# The maximum number of elements sent at the same time to the Solr server
#-# The default is 50.
# solr.indexer.batch.size=50
#-# The maximum number of characters in the batch of elements to send to the Solr server.
#-# The default is 10000.
# solr.indexer.batch.maxLength=10000

#-# [Since 5.1M1]
#-# The maximum number of elements in the background queue of elements to index/delete
#-# The default is 10000.
# solr.indexer.queue.capacity=100000

#-# [Since 6.1M2]
#-# Indicates if a synchronization between SOLR index and XWiki database should be performed at startup.
#-# Synchronization can be started from the search administration UI.
#-# The default is true.
# solr.synchronizeAtStartup=false

#-# [Since 12.5RC1]
#-# Indicates which wiki synchronization to perform when the "solr.synchronizeAtStartup" property is set to true.
#-# Two modes are available:
#-#   - WIKI: indicate that the synchronization is performed when each wiki is accessed for the first time.
#-#   - FARM: indicate that the synchronization is performed once for the full farm when XWiki is started.
#-# For large farms and in order to spread the machine's indexing load, the WIKI value is recommended, especially if
#-# some wikis are not used.
#-# The default is:
# solr.synchronizeAtStartupMode=FARM

#-# [Since 17.2.0RC1]
#-# [Since 16.10.5]
#-# [Since 16.4.7]
#-# Indicates the batch size for the synchronization between SOLR index and XWiki database. This defines how many
#-# documents will be loaded from the database and Solr in each step. Higher values lead to fewer queries and thus
#-# better performance but increase the memory usage. The expected memory usage is around 1KB per document, but
#-# depends highly on the length of the document names.
#-# The default is 1000.
# solr.synchronizeBatchSize=1000

#-------------------------------------------------------------------------------------
# Security
#-------------------------------------------------------------------------------------

#-# [Since 5.0M2]
#-# Define the authorization policies by choosing another implementation of the AuthorizationSettler. This component
#-# is solely responsible for settling access decisions based on user, target entity and available security rules.
#-# The identifier provided here is matched with the component role hint.
#-#
#-# The default is:
# security.authorization.settler = default

#-# [Since 13.0]
#-# Control if document save API should also check the right of the script author when saving a document.
#-# When false only the current user right is checked.
#-#
#-# The default is:
# security.script.save.checkAuthor = true

#-# [Since 13.10]
#-# Prevent against DOS attacks by limiting the number of entries returned by DB queries, for guest users.
#-#
#-# The default is:
# security.queryItemsLimit = 100

#-# [Since 13.10.1]
#-# [Since 14.0RC1]
#-# Define the lifetime of the token used for resetting passwords in minutes.
#-# Default value is 60 meaning that users have 1 hour to access the link sent by email for performing password reset.
#-# Once the password is reset using the link, the token is revoked.
#-# Using 0 here means that the token has no expiration date, however it will be revoked at first wrong access.
#-#
#-# The value is in minutes. The default is:
# security.authentication.resetPasswordTokenLifetime = 60

#-# [Since 14.6RC1]
#-# [Since 14.4.3]
#-# [Since 13.10.8]
#-# This option is only used when performing a migration from a wiki before the versions mentioned above.
#-#
#-# This parameter defines if as part of the migration R140600000XWIKI19869 the passwords of impacted user should be
#-# reset or not. It's advised to keep this value as true, now for some usecases advertised administrators might want
#-# their users to keep their passwords nevertheless, then enable the configuration and set it to false before the
#-# migration is executed.
# security.migration.R140600000XWIKI19869.resetPassword = true

#-# [Since 14.6RC1]
#-# [Since 14.4.3]
#-# [Since 13.10.8]
#-# This option is only used when performing a migration from a wiki before the versions mentioned above.
#-#
#-# This parameter defines if reset password emails should be sent as part of the migration R140600000XWIKI19869.
#-# By default this value is set to true, so emails will be automatically produced. Now it's possible for admin to set
#-# this option to false: note that in such case a file containing the list of users for whom a reset password email
#-# should be sent will still be created in the permanent directory (named 140600000XWIKI19869DataMigration-users.txt).
#-# If this file exists and this property is set back to true after the migration, the file will still be consumed to
#-# send the emails, so it's possible to perform the migration and send the emails only later if needed.
# security.migration.R140600000XWIKI19869.sendResetPasswordEmail = true

#-# [Since 14.6RC1]
#-# [Since 14.4.3]
#-# [Since 13.10.8]
#-# This option is only used when performing a migration from a wiki before the versions mentioned above.
#-#
#-# This parameter defines if a security email information should be sent as part of the migration R140600000XWIKI19869.
#-# By default this value is set to true, so emails will be automatically produced. Now it's possible for admin to set
#-# this option to false: note that in such case a file containing the list of users for whom a reset password email
#-# should be sent will still be created in the permanent directory (named 140600000XWIKI19869DataMigration-users.txt).
#-# If this file exists and this property is set back to true after the migration, the file will still be consumed to
#-# send the emails, so it's possible to perform the migration and send the emails only later if needed.
# security.migration.R140600000XWIKI19869.sendSecurityEmail = true

#-# [Since 15.9RC1]
#-# Indicates how documents are protected by required rights.
#-#
#-# The possible choices are:
#-# * none: no required rights check
#-# * warning (the default): a warning is presented to the user when trying to edit a document with required rights
#-# issues
# security.requiredRights.protection=warning

#-------------------------------------------------------------------------------------
# Query
#-------------------------------------------------------------------------------------

#-# [Since 17.0.0RC1]
#-# [Since 16.10.2]
#-# [Since 15.10.16]
#-# [Since 16.4.6]
#-# While HQL queries executed by users without programming right are already validated, it's sometimes necessary to
#-# customize the behavior of the standard validator because it might be too strict (or not strict enough).
#-# The following properties allow giving a list of (Java) regular expressions.
#-# In case both safe and unsafe patterns match the query, the priority goes to the unsafe pattern.
#-#
# query.hql.unsafe=.*some native syntax.*
#-#
#-# Note: be very careful to not use too large regular expression when adding a safe pattern as it could introduce a vulnerability.
#-#
# query.hql.safe=select prop1, prop2 from CustomTable
# query.hql.safe=select\\s+((prop1|prop2|prop3)\\s*,?\\s*)+\\s+from MyCustomTable

#-------------------------------------------------------------------------------------
# URL
#-------------------------------------------------------------------------------------

#-# IMPORTANT: The URL module is a feature still in development and as such should be considered experimental at the
#-# moment. The configuration parameters below are used only in some part of the code at the moment. The idea is to
#-# progressively refactor more and more till only the new properties are used. For the moment you should continue to
#-# use the following old properties located in xwiki.cfg:
#-#  xwiki.virtual.usepath
#-#  xwiki.virtual.usepath.servletpath

#-# [Since 5.1M1]
#-# The id of the URL format to use. This allows to plug in different implementations and thus allows to completely
#-# control the format of XWiki URLs.
#-#
#-# The default is:
# url.format=standard

#-# [Since 5.1M1]
#-# Defines where the wiki part is defined in a URL pointing to a subwiki
#-# If true then the wiki part is located in the URL path (a.k.a path-based), for example:
#-#   http://server/xwiki/wiki/mywiki/view/Space/Page
#-# If false then the wiki part is located in the URL host domain (a.k.a domain-based), for example:
#-#   http://mywiki.domain/xwiki/bin/view/Space/Page
#-#
#-# The default is:
# url.standard.multiwiki.isPathBased=true

#-# [Since 5.1M1]
#-# For path-based setups, this property defines the path segment before the one identifying the subwiki in the URL.
#-# For example if set to "thewiki", then the following URL will point to a subwiki named "mywiki":
#-#   http://server/xwiki/thewiki/mywiki/view/Space/Page
#-# Note that the mapping in web.xml has to be modified accordingly if you don't use the default value:
#-#   <servlet-mapping>
#-#     <servlet-name>action</servlet-name>
#-#     <url-pattern>/wiki/*</url-pattern>
#-#   </servlet-mapping>
#-#
#-# The default is:
# url.standard.multiwiki.wikiPathPrefix=wiki

#-# [Since 5.2M1]
#-# Defines the URL path prefix used for Entity URLs, i.e. URLs pointing to a Document, Space, Object, etc.
#-# For example this is the "bin" part in the following URL:
#-#   http://server/xwiki/bin/view/space/page
#-# Note that this replaces the old xwiki.defaultservletpath property in the xwiki.cfg file.
#-#
#-# The default is:
# url.standard.entityPathPrefix=bin

#-# [Since 5.3M1]
#-# The action to take when a subwiki is not found (ie there's no wiki descriptor for it). Valid values are:
#-# - redirect_to_main_wiki: default to displaying the main wiki
#-# - display_error: redirect to a vm to display an error
#-#
#-# The default is:
# url.standard.multiwiki.notFoundBehavior=redirect_to_main_wiki

#-# [Since 7.2M1]
#-# Whether the "view" action is omitted in URLs (in order to have shorter URLs).
#-# Note that this replaces the old xwiki.showviewaction property in the xwiki.cfg file.
#-#
#-# The default is:
# url.standard.hideViewAction=false

#-# [Since 11.1RC1]
#-# Whether a the last modified date of the file to be loaded should be checked and put in the URL query parameter.
#-# Disabling this might improve a bit the performance on some old hard drives, or custom filesystem, however
#-# it might imply the need to force-reload some resources in the browser, when migrating.
#-#
#-# The default is:
# url.useResourceLastModificationDate=true

#-# [Since 13.3RC1]
#-# [Since 12.10.7]
#-# Define a list of trusted domains that can be used in the wiki for performing requests or redirections even if
#-# the wiki does not use it. Domains are listed without http and separated with a comma in the list. Subdomains can be
#-# specified.
#-# Example of accepted value: foo.acme.org,enterprise.org
#-#
#-# By default the list of trusted domains is empty:
# url.trustedDomains=

#-# [Since 13.3RC1]
#-# [Since 12.10.7]
#-# Allow to enable or disable checks performed on domains by taking into account the list of trusted domains.
#-# Disable this property only if you experienced some issues on your wiki: some security check won't be performed when
#-# this property is set to false.
#-#
#-# By default this property is set to true: