diff --git a/docs/installation.md b/docs/installation.md index f1485806..af64bb25 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -250,7 +250,7 @@ You can use Visio on https://meet.127.0.0.1.nip.io from the local device. The pr These are the environmental options available on meet backend. | Option | Description | default | -| ----------------------------------------------- | ---------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| ----------------------------------------------- | ---------------------------------------- |---------------------------------------------------------------------------------------------------------------------------------------------------------------| | DATA_DIR | Data directory location | /data | | DJANGO_ALLOWED_HOSTS | Hosts that are allowed | [] | | DJANGO_SECRET_KEY | Secret key used for Django security | | @@ -270,7 +270,7 @@ These are the environmental options available on meet backend. | AWS_STORAGE_BUCKET_NAME | S3 bucket name | meet-media-storage | | DJANGO_LANGUAGE_CODE | Default language | en-us | | REDIS_URL | Redis endpoint | redis://redis:6379/1 | -| SESSION_COOKIE_AGE | Session cookie expiration in seconds | 43200 (12 hours) | +| SESSION_COOKIE_AGE | Session cookie expiration in seconds | 43200 (12 hours) | | REQUEST_ENTRY_THROTTLE_RATES | Entry request throttle rates | 150/minute | | CREATION_CALLBACK_THROTTLE_RATES | Creation callback throttle rates | 600/minute | | SPECTACULAR_SETTINGS_ENABLE_DJANGO_DEPLOY_CHECK | Enable Django deploy check | false | @@ -293,7 +293,7 @@ These are the environmental options available on meet backend. | EMAIL_LOGO_IMG | Email logo image | | | EMAIL_DOMAIN | Email domain | | | EMAIL_APP_BASE_URL | Email app base URL | | -| DJANGO_CORS_ALLOW_ALL_ORIGINS | Allow all CORS origins | true | +| DJANGO_CORS_ALLOW_ALL_ORIGINS | Allow all CORS origins | false | | DJANGO_CORS_ALLOWED_ORIGINS | Origins to allow (string list) | [] | | DJANGO_CORS_ALLOWED_ORIGIN_REGEXES | Origins to allow (regex patterns) | [] | | SENTRY_DSN | Sentry server DSN | | @@ -351,10 +351,10 @@ These are the environmental options available on meet backend. | LOBBY_KEY_PREFIX | Lobby key prefix | room_lobby | | LOBBY_WAITING_TIMEOUT | Lobby waiting timeout in seconds | 3 | | LOBBY_DENIED_TIMEOUT | Lobby deny timeout in seconds | 5 | -| LOBBY_ACCEPTED_TIMEOUT | Lobby accept timeout in seconds | 21600 (6 hours) | +| LOBBY_ACCEPTED_TIMEOUT | Lobby accept timeout in seconds | 21600 (6 hours) | | LOBBY_NOTIFICATION_TYPE | Lobby notification types | participantWaiting | | LOBBY_COOKIE_NAME | Lobby cookie name | lobbyParticipantId | -| ROOM_CREATION_CALLBACK_CACHE_TIMEOUT | Room creation callback cache timeout | 600 (10 minutes) | +| ROOM_CREATION_CALLBACK_CACHE_TIMEOUT | Room creation callback cache timeout | 600 (10 minutes) | | ROOM_TELEPHONY_ENABLED | Enable SIP telephony feature | false | | ROOM_TELEPHONY_PIN_LENGTH | Telephony PIN length | 10 | | ROOM_TELEPHONY_PIN_MAX_RETRIES | Telephony PIN maximum retries | 5 | diff --git a/src/backend/meet/settings.py b/src/backend/meet/settings.py index 9fe098cd..c11c4a20 100755 --- a/src/backend/meet/settings.py +++ b/src/backend/meet/settings.py @@ -340,7 +340,7 @@ class Base(Configuration): # CORS CORS_ALLOW_CREDENTIALS = True - CORS_ALLOW_ALL_ORIGINS = values.BooleanValue(True) + CORS_ALLOW_ALL_ORIGINS = values.BooleanValue(False) CORS_ALLOWED_ORIGINS = values.ListValue([]) CORS_ALLOWED_ORIGIN_REGEXES = values.ListValue([])