DefaultConfigurationDescription.yaml 58.3 KB
Newer Older
1
2
GFX:
    type: container
3
    description: 'Image Processing'
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    items:
        thumbnails:
            type: bool
            description: 'Enables the use of thumbnails in the backend interface.'
        thumbnails_png:
            type: bool
            description: 'If disabled, thumbnails from non-image files will be converted to ''gif'', otherwise ''png'' (default).'
        gif_compress:
            type: bool
            description: 'Enables the use of the <code>\TYPO3\CMS\Core\Imaging\GraphicalFunctions::gifCompress()</code> workaround function for compressing .gif files made with GD or IM, which probably use only RLE or no compression at all.'
        imagefile_ext:
            type: list
            description: 'Commalist of file extensions perceived as images by TYPO3. List should be set to ''gif,png,jpeg,jpg'' if IM is not available. Lowercase and no spaces between!'
        gdlib:
            type: bool
            description: 'Enables the use of GD.'
        gdlib_png:
            type: bool
            description: 'Enables the use of GD, with PNG only. This means that all items normally generated as gif-files will be png-files instead!'
        processor_enabled:
            type: bool
            description: 'Enables the use of Image- or GraphicsMagick.'
        processor_path:
            type: text
            description: 'Path to the IM tools ''convert'', ''combine'', ''identify''.'
        processor:
            type: dropdown
31
32
33
34
            allowedValues:
              'ImageMagick': 'Choose ImageMagick for processing images'
              'GraphicsMagick': 'Choose GraphicsMagick for processing images'
            description: 'Select which external software on the server should process images - see also the Preset functionality to see what is available.'
35
        processor_effects:
36
37
            type: bool
            description: 'If enabled, apply blur and sharpening in ImageMagick/GraphicMagick functions'
38
39
40
41
42
43
44
45
46
47
48
49
50
51
        processor_allowUpscaling:
            type: bool
            description: 'If set, images can be scaled up if told so (in <code>\TYPO3\CMS\Core\Imaging\GraphicalFunctions</code>)'
        processor_allowFrameSelection:
            type: bool
            description: 'If set, the [x] frame selector is appended to input filenames in stdgraphic. This speeds up image processing for PDF files considerably. Disable if your image processor or environment can''t cope with the frame selection.'
        processor_allowTemporaryMasksAsPng:
            type: bool
            description: 'This should be set if your processor supports using PNGs as masks as this is usually faster.'
        processor_stripColorProfileByDefault:
            type: bool
            description: 'If set, the processor_stripColorProfileCommand is used with all processor image operations by default. See tsRef for setting this parameter explicitly for IMAGE generation.'
        processor_stripColorProfileCommand:
            type: text
52
            description: 'String: Specify the command to strip the profile information, which can reduce thumbnail size up to 60KB. Command can differ in IM/GM, IM also know the -strip command. See <a href="http://www.imagemagick.org/Usage/thumbnails/#profiles" target="_blank" rel="noreferrer">imagemagick.org</a> for details'
53
54
55
        processor_colorspace:
            type: text
            description: 'String: Specify the colorspace to use. Some ImageMagick versions (like 6.7.0 and above) use the sRGB colorspace, so all images are darker then the original. <br />Possible Values: CMY, CMYK, Gray, HCL, HSB, HSL, HWB, Lab, LCH, LMS, Log, Luv, OHTA, Rec601Luma, Rec601YCbCr, Rec709Luma, Rec709YCbCr, RGB, sRGB, Transparent, XYZ, YCbCr, YCC, YIQ, YCbCr, YUV'
56
57
58
        processor_interlace:
            type: text
            description: 'String: Specify the interlace option to use. The result differs in different GM / IM versions. See manual of GraphicsMagick or ImageMagick for right option. <br />Possible values: None, Line, Plane, Partition'
59
60
61
62
63
        jpg_quality:
            type: int
            description: 'Integer: Default JPEG generation quality'
SYS:
    type: container
64
    description: 'System'
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
    items:
        fileCreateMask:
            type: text
            description: 'File mode mask for Unix file systems (when files are uploaded/created).'
        folderCreateMask:
            type: text
            description: 'As above, but for folders.'
        createGroup:
            type: text
            description: 'Group for newly created files and folders (Unix only). Group ownership can be changed on Unix file systems (see above). Set this if you want to change the group ownership of created files/folders to a specific group. This makes sense in all cases where the webserver is running with a different user/group as you do. Create a new group on your system and add you and the webserver user to the group. Now you can safely set the last bit in fileCreateMask/folderCreateMask to 0 (e.g. 770). Important: The user who is running your webserver needs to be a member of the group you specify here! Otherwise you might get some error messages.'
        sitename:
            type: text
            description: 'Name of the base-site.'
        encryptionKey:
            type: text
            description: 'This is a "salt" used for various kinds of encryption, CRC checksums and validations. You can enter any rubbish string here but try to keep it secret. You should notice that a change to this value might invalidate temporary information, URLs etc. At least, clear all cache if you change this so any such information can be rebuilt with the new key.'
        cookieDomain:
            type: text
            description: 'Restricts the domain name for FE and BE session cookies. When setting the value to ".domain.com" (replace domain.com with your domain!), login sessions will be shared across subdomains. Alternatively, if you have more than one domain with sub-domains, you can set the value to a regular expression to match against the domain of the HTTP request. The result of the match is used as the domain for the cookie. eg. <code>/\.(example1|example2)\.com$/</code> or <code>/\.(example1\.com)|(example2\.net)$/</code>. Separate domains for FE and BE can be set using <a href="#FE-cookieDomain">$TYPO3_CONF_VARS[''FE''][''cookieDomain'']</a> and <a href="#BE-cookieDomain">$TYPO3_CONF_VARS[''BE''][''cookieDomain'']</a> respectively.'
        trustedHostsPattern:
            type: text
            description: 'Regular expression pattern that matches all allowed hostnames (including their ports) of this TYPO3 installation, or the string "SERVER_NAME" (default). The default value <code>SERVER_NAME</code> checks if the HTTP Host header equals the SERVER_NAME and SERVER_PORT. This is secure in correctly configured hosting environments and does not need further configuration. If you cannot change your hosting environment, you can enter a regular expression here. Examples: <code>.*\.domain\.com</code> matches all hosts that end with <code>.domain.com</code> with all corresponding subdomains. <code>(.*\.domain|.*\.otherdomain)\.com</code> matches all hostnames with subdomains from <code>.domain.com</code> and <code>.otherdomain.com</code>. Be aware that HTTP Host header may also contain a port. If your installation runs on a specific port, you need to explicitly allow this in your pattern, e.g. <code>www\.domain\.com:88</code> allows only <code>www.domain.com:88</code>, <strong>not</strong> <code>www.domain.com</code>. To disable this check completely (not recommended because it is <strong>insecure</strong>) you can use ".*" as pattern.'
        devIPmask:
            type: text
            description: 'Defines a list of IP addresses which will allow development-output to display. The debug() function will use this as a filter. See the function <code>\TYPO3\CMS\Core\Utility\GeneralUtility::cmpIP()</code> for details on syntax. Setting this to blank value will deny all. Setting to "*" will allow all.'
        ddmmyy:
            type: text
92
            description: 'Format of Day-Month-Year - see PHP-function <a href="https://php.net/date" target="_blank" rel="noreferrer">date()</a>'
93
94
        hhmm:
            type: text
95
            description: 'Format of Hours-Minutes - see PHP-function <a href="https://php.net/date" target="_blank" rel="noreferrer">date()</a>'
96
97
98
99
100
101
102
103
        loginCopyrightWarrantyProvider:
            type: text
            description: 'If you provide warranty for TYPO3 to your customers insert you (company) name here. It will appear in the login-dialog as the warranty provider. (You must also set URL below).'
        loginCopyrightWarrantyURL:
            type: text
            description: 'Add the URL where you explain the extend of the warranty you provide. This URL is displayed in the login dialog as the place where people can learn more about the conditions of your warranty. Must be set (more than 10 chars) in addition with the ''loginCopyrightWarrantyProvider'' message.'
        textfile_ext:
            type: text
104
            description: 'Text file extensions. Those that can be edited. Executable PHP files may not be editable if disallowed!'
105
106
107
108
109
110
111
112
113
114
115
116
117
118
        mediafile_ext:
            type: text
            description: 'Commalist of file extensions perceived as media files by TYPO3. Lowercase and no spaces between!'
        binPath:
            type: text
            description: 'List of absolute paths where external programs should be searched for. Eg. <code>/usr/local/webbin/,/home/xyz/bin/</code>. (ImageMagick path have to be configured separately)'
        binSetup:
            type: multiline
            description: 'List of programs (separated by newline or comma). By default programs will be searched in default paths and the special paths defined by <code>binPath</code>. When PHP has openbasedir enabled the programs can not be found and have to be configured here. Example: <code>perl=/usr/bin/perl,unzip=/usr/local/bin/unzip</code>'
        setMemoryLimit:
            type: int
            description: 'Integer: memory_limit in MB: If more than 16, TYPO3 will try to use ini_set() to set the memory limit of PHP to the value. This works only if the function ini_set() is not disabled by your sysadmin.'
        phpTimeZone:
            type: text
119
            description: 'timezone to force for all date() and mktime() functions. A list of supported values can be found at <a href="https://php.net/manual/en/timezones.php" target="_blank" rel="noreferrer">php.net</a>. If this is not set, a valid fallback will be searched for by PHP (php.ini''s <a href="http://www.php.net/manual/en/datetime.configuration.php#ini.date.timezone" target="_blank" rel="noreferrer">date.timezone</a> setting, server defaults, etc); and if no fallback is found, the value of "UTC" is used instead.'
120
121
        UTF8filesystem:
            type: bool
122
            description: |
123
124
125
              If TRUE then TYPO3 uses utf-8 to store file names. This allows for accented Latin letters as well as any other non-latin characters like Cyrillic and Chinese.
              <strong>IMPORTANT:</strong> This requires a UTF-8 compatible locale in order to work. Otherwise problems with filenames containing special characters will occur.
              See [SYS][systemLocale] and <a href="https://php.net/manual/en/function.setlocale.php" target="_blank" rel="noreferrer">setlocale()</a>.
126
127
        systemLocale:
            type: text
128
            description: 'Locale used for certain system related functions, e.g. escaping shell commands. If problems with filenames containing special characters occur, the value of this option is probably wrong. See <a href="https://php.net/manual/en/function.setlocale.php" target="_blank" rel="noreferrer">setlocale()</a>.'
129
130
131
132
133
        reverseProxyIP:
            type: list
            description: 'List of IP addresses. If TYPO3 is behind one or more (intransparent) reverse proxies the IP addresses must be added here.'
        reverseProxyHeaderMultiValue:
            type: text
134
135
136
137
138
            allowedValues:
              'none': 'Do not evaluate the reverse proxy header'
              'first': 'Use the first IP address in the proxy header'
              'last': 'Use the last IP address in the proxy header'
            description: 'Defines which values of a proxy header (eg HTTP_X_FORWARDED_FOR) to use, if more than one is found.'
139
140
        reverseProxyPrefix:
            type: text
141
            description: 'Optional prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI). Example: When proxying ext-domain.com to int-server.com/prefix this has to be set to <em>prefix</em>'
142
143
144
145
146
147
148
149
        reverseProxySSL:
            type: text
            description: '''*'' or list of IP addresses of proxies that use SSL (https) for the connection to the client, but an unencrypted connection (http) to the server. If ''*'' all proxies defined in <a href="#SYS-reverseProxyIP">[SYS][reverseProxyIP]</a> use SSL.'
        reverseProxyPrefixSSL:
            type: text
            description: 'Prefix to be added to the internal URL (SCRIPT_NAME and REQUEST_URI) when accessing the server via an SSL proxy. This setting overrides <a href="#SYS-reverseProxyPrefix">[SYS][reverseProxyPrefix]</a>.'
        displayErrors:
            type: int
150
151
152
153
154
            allowedValues:
              '-1': 'TYPO3 does not touch the PHP setting. If [SYS][devIPmask] matches the user''s IP address, the configured [SYS][debugExceptionHandler] is used instead of the [SYS][productionExceptionHandler] to handle exceptions.'
              '0': 'Live: Do not display any PHP error message. Sets "display_errors=0". Overrides the value of [SYS][exceptionalErrors] and sets it to 0 (= no errors are turned into exceptions). The configured [SYS][productionExceptionHandler] is used as exception handler.'
              '1': 'Debug: Display error messages with the registered [SYS][errorHandler]. Sets "display_errors=1". The configured [SYS][debugExceptionHandler] is used as exception handler.'
            description: 'Configures whether PHP errors or Exceptions should be displayed, effectively setting the PHP option <code>display_errors</code> during runtime.'
155
156
157
158
159
160
161
162
        productionExceptionHandler:
            type: phpClass
            description: 'Classname to handle exceptions that might happen in the TYPO3-code. Leave empty to disable exception handling. Default: "TYPO3\CMS\Core\Error\ProductionExceptionHandler". This exception handler displays a nice error message when something went wrong. The error message is logged to the configured logs. Note: The configured "productionExceptionHandler" is used if [SYS][displayErrors] is set to "0" or is set to "-1" and [SYS][devIPmask] doesn''t match the user''s IP.'
        debugExceptionHandler:
            type: phpClass
            description: 'Classname to handle exceptions that might happen in the TYPO3-code. Leave empty to disable exception handling. Default: "TYPO3\CMS\Core\Error\DebugExceptionHandler". This exception handler displays the complete stack trace of any encountered exception. The error message and the stack trace is logged to the configured logs. Note: The configured "debugExceptionHandler" is used if [SYS][displayErrors] is set to "1" or is set to "-1" or "2" and the [SYS][devIPmask] matches the user''s IP.'
        errorHandler:
            type: phpClass
163
            description: 'Classname to handle PHP errors. E.g.: TYPO3\CMS\Core\Error\ErrorHandler. This class displays and logs all errors that are registered as [SYS][errorHandlerErrors]. Leave empty to disable error handling. Errors will be logged and can be sent to the optionally installed developer log or to the "syslog" database table. If an error is registered in [SYS][exceptionalErrors] it will be turned into an exception to be handled by the configured exceptionHandler.'
164
165
        errorHandlerErrors:
            type: errors
166
            description: 'The E_* constant that will be handled by the [SYS][errorHandler]. Not all PHP error types can be handled! <code>E_USER_DEPRECATED</code> will always be handled, regardless of this setting. Default is 30466 = <code>E_ALL & ~(E_STRICT | E_NOTICE | E_COMPILE_WARNING | E_COMPILE_ERROR | E_CORE_WARNING | E_CORE_ERROR | E_PARSE | E_ERROR)</code> (see <a href="https://php.net/manual/en/errorfunc.constants.php" target="_blank" rel="noreferrer">PHP documentation</a>).'
167
168
        exceptionalErrors:
            type: errors
169
            description: 'The E_* constant that will be converted into an exception by the default [SYS][errorHandler]. Default is 4096 = <code>E_ALL & ~(E_STRICT | E_NOTICE | E_COMPILE_WARNING | E_COMPILE_ERROR | E_CORE_WARNING | E_CORE_ERROR | E_PARSE | E_ERROR | E_DEPRECATED | E_USER_DEPRECATED | E_WARNING | E_USER_ERROR | E_USER_NOTICE | E_USER_WARNING)</code> (see <a href="https://php.net/manual/en/errorfunc.constants.php" target="_blank rel="noreferrer"">PHP documentation</a>). E_USER_DEPRECATED is always excluded to avoid exceptions to be thrown for deprecation messages.'
170
171
        belogErrorReporting:
            type: errors
172
            description: 'Configures which PHP errors should be logged to the "syslog" database table (extension: belog). If set to "0" no PHP errors are logged to the sys_log table. Default is 30711 = <code>E_ALL & ~(E_STRICT | E_NOTICE)</code> (see <a href="https://php.net/manual/en/errorfunc.constants.php" target="_blank" rel="noreferrer">PHP documentation</a>).'
173
174
175
        generateApacheHtaccess:
            type: bool
            description: 'TYPO3 can create <em>.htaccess</em> files which are used by Apache Webserver. They are useful for access protection or performance improvements. Currently <em>.htaccess</em> files in the following directories are created, if they do not exist: <ul><li>typo3temp/compressor/</li></ul>You want to disable this feature, if you are not running Apache or want to use own rulesets.'
176
177
178
179
180
181
        ipAnonymization:
            type: int
            allowedValues:
              '0': 'Disabled - Do not modify IP addresses at all'
              '1': 'Mask the last byte for IPv4 addresses / Mask the Interface ID for IPv6 addresses (default)'
              '2': 'Mask the last two bytes for IPv4 addresses / Mask the Interface ID and SLA ID for IPv6 addresses'
182
            description: 'Configures if and how IP addresses stored via TYPO3''s API should be anonymized ("masked") with a zero-numbered replacement. This is respected within anonymization Task, not while creating new log entries.'
183
184
185
        systemMaintainers:
            type: array
            description: 'A list of backend user IDs allowed to access the Install Tool'
186
187
188
189
        features:
            type: container
            description: 'New features of TYPO3 that are activated on new installations but upgrading installations can still use the old behaviour'
            items:
190
191
              subrequestPageErrors:
                type: bool
192
                description: 'If on, error pages in the Frontend (such as 404 pages) will be requested internally via the TYPO3 Frontend instead of using an external HTTP request. It may be enabled on an experimental basis, as there are some cases where stateful information is not correctly reset for the subrequest. Disable this feature if you have trouble with stateful services or when some custom extensions overriding PHPs global variables.'
193
194
195
              redirects.hitCount:
                type: bool
                description: 'If on, and if extension "redirects" is loaded, each performed redirect is counted and last hit time is logged to the database.'
196
              security.backend.htmlSanitizeRte:
197
198
                type: bool
                description: 'If on, rich-text content persisted in backend is processed with HTML Sanitizer to purge cross-site scripting from markup'
199
200
201
202
203
              security.backend.enforceReferrer:
                type: bool
                description: 'If on, HTTP referrer headers are enforced for backend and install tool requests to mitigate
                  potential same-site request forgery attacks. The behavior can be disabled in case HTTP proxies filter
                  required `Referer` header. As this is a potential security risk, it is recommended to enable this option.'
204
205
206
              yamlImportsFollowDeclarationOrder:
                type: bool
                description: 'If on, the YAML imports are imported in the order they are defined in the importing YAML configuration.'
207
208
209
        availablePasswordHashAlgorithms:
            type: array
            description: 'A list of available password hash mechanisms. Extensions may register additional mechanisms here. This is usually not extended in LocalConfiguration.php.'
210
211
EXT:
    type: container
212
    description: 'Extension Installation'
213
214
215
216
217
218
    items:
        excludeForPackaging:
            type: list
            description: 'List of directories and files which will not be packaged into extensions nor taken into account otherwise by the Extension Manager. Perl regular expression syntax!'
BE:
    type: container
219
    description: 'Backend'
220
221
222
223
224
225
    items:
        languageDebug:
            type: bool
            description: 'If enabled, language labels will be shown with additional debug information.'
        fileadminDir:
            type: text
226
            description: 'Path to the primary directory of files for editors. This is relative to the public web dir, DefaultStorage will be created with that configuration, do not access manually but via <code>\TYPO3\CMS\Core\Resource\ResourceFactory::getDefaultStorage().</code>'
227
228
        lockRootPath:
            type: text
229
            description: 'This path is used to evaluate if paths outside of public web path should be allowed. Ending slash required!'
230
231
232
233
234
235
236
237
238
239
240
241
242
        userHomePath:
            type: text
            description: 'Combined folder identifier of the directory where TYPO3 backend-users have their home-dirs. A combined folder identifier looks like this: [storageUid]:[folderIdentifier]. Eg. <code>2:users/</code>. A home for backend user 2 would be: <code>2:users/2/</code>. Ending slash required!'
        groupHomePath:
            type: text
            description: 'Combined folder identifier of the directory where TYPO3 backend-groups have their home-dirs. A combined folder identifier looks like this: [storageUid]:[folderIdentifier]. Eg. <code>2:groups/</code>. A home for backend group 1 would be: <code>2:groups/1/</code>. Ending slash required!'
        userUploadDir:
            type: text
            description: 'Suffix to the user home dir which is what gets mounted in TYPO3. Eg. if the user dir is <code>../123_user/</code> and this value is <code>/upload</code> then <code>../123_user/upload</code> gets mounted.'
        warning_email_addr:
            type: text
            description: 'Email address that will receive notification whenever an attempt to login to the Install Tool is made and that will also receive warnings whenever more than 3 failed backend login attempts (regardless of user) are detected within an hour.'
        warning_mode:
243
244
245
246
247
248
            type: int
            allowedValues:
              '0': 'Do not send notification-emails upon backend-login'
              '1': 'Send a notification-email every time a backend user logs in'
              '2': 'Send a notification-email every time an ADMIN backend user logs in'
            description: 'Send emails to <code>warning_email_addr</code> upon backend-login'
249
250
        passwordReset:
          type: bool
251
          description: 'Enable password reset functionality on the backend login for TYPO3 Backend users. Can be disabled for systems where only e.g. LDAP / OAuth login is allowed. Password reset will then still work on CLI and for admins in the backend.'
252
253
        passwordResetForAdmins:
          type: bool
254
          description: 'Enable password reset functionality for TYPO3 Administrators. This will affect all places such as backend login or CLI. Disable this option for increased security.'
255
256
257
258
259
260
261
        requireMfa:
          type: int
          allowedValues:
            '0': 'Do not require multi-factor authentication'
            '1': 'Require multi-factor authentication for all users'
            '2': 'Require multi-factor authentication only for non-admin users'
            '3': 'Require multi-factor authentication only for admin users'
262
            '4': 'Require multi-factor authentication only for system maintainers'
263
264
265
266
          description: 'Define users which should be required to set up multi-factor authentication.'
        recommendedMfaProvider:
          type: text
          description: 'Set the identifier of the multi-factor authentication provider, recommended for all users.'
267
268
269
270
271
272
273
274
275
276
277
278
279
280
        loginRateLimit:
          type: int
          description: 'Maximum amount of login attempts for the time interval in [BE][loginRateLimitInterval], before further login requests will be denied. Setting this value to "0" will disable login rate limiting.'
        loginRateLimitInterval:
          type: dropdown
          allowedValues:
            '1 minute': '1 minute'
            '5 minutes': '5 minutes'
            '15 minutes': '15 minutes'
            '30 minutes': '30 minutes'
          description: 'Allowed time interval for the configured rate limit. Individual values using PHP relative formats can be set in AdditionalConfiguration.php.'
        loginRateLimitIpExcludeList:
          type: list
          description: 'IP-numbers (with *-wildcards) that are excluded from rate limiting. Syntax similar to [BE][IPmaskList]. An empty value disables the exclude list check.'
281
282
        lockIP:
            type: int
283
            allowedValues:
284
              '0': 'Default: Do not lock Backend User sessions to their IP address at all'
285
286
287
              '1': 'Use the first part of the editors'' IPv4 address (e.g. "192.") as part of the session locking of Backend Users'
              '2': 'Use the first two parts of the editors'' IPv4 address (e.g. "192.168") as part of the session locking of Backend Users'
              '3': 'Use the first three parts of the editors'' IPv4 address (e.g. "192.168.13") as part of the session locking of Backend Users'
288
              '4': 'Use the editors'' full IPv4 address (e.g. "192.168.13.84") as part of the session locking of Backend Users (highest security)'
289
            description: 'Session IP locking for backend users. See <a href="#FE-lockIP">[FE][lockIP]</a> for details.'
290
291
292
        lockIPv6:
            type: int
            allowedValues:
293
              '0': 'Default: Do not lock Backend User sessions to their IP address at all'
294
295
296
297
298
299
300
              '1': 'Use the first block (16 bits) of the editors'' IPv6 address (e.g. "2001:") as part of the session locking of Backend Users'
              '2': 'Use the first two blocks (32 bits) of the editors'' IPv6 address (e.g. "2001:0db8") as part of the session locking of Backend Users'
              '3': 'Use the first three blocks (48 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3") as part of the session locking of Backend Users'
              '4': 'Use the first four blocks (64 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3") as part of the session locking of Backend Users'
              '5': 'Use the first five blocks (80 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319") as part of the session locking of Backend Users'
              '6': 'Use the first six blocks (96 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e") as part of the session locking of Backend Users'
              '7': 'Use the first seven blocks (112 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e:0370") as part of the session locking of Backend Users'
301
              '8': 'Use the editors'' full IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e:0370:7344") as part of the session locking of Backend Users (highest security)'
302
            description: 'Session IPv6 locking for backend users. See <a href="#FE-lockIPv6">[FE][lockIPv6]</a> for details.'
303
304
        sessionTimeout:
            type: int
305
            description: 'Session time out for backend users in seconds. The value must be at least 180 to avoid side effects. Default is 28.800 seconds = 8 hours.'
306
307
        IPmaskList:
            type: list
308
            description: 'Lets you define a list of IP-numbers (in CIDR-notation, e.g. 194.168.0.0/16,2002::1234:abcd:ffff:c0a8:101/64) that are the ONLY ones allowed access to ANY backend activity. On error an error header is sent and the script exits. Works like IP masking for users configurable through TSconfig. See syntax for that (or look up syntax for the function <code>\TYPO3\CMS\Core\Utility\GeneralUtility::cmpIP())</code>'
309
310
311
312
313
314
315
316
317
318
319
320
        lockSSL:
            type: bool
            description: 'If set, the backend can only be operated from an SSL-encrypted connection (https). A redirect to the SSL version of a URL will happen when a user tries to access non-https admin-urls'
        lockSSLPort:
            type: int
            description: 'Use a non-standard HTTPS port for lockSSL. Set this value if you use lockSSL and the HTTPS port of your webserver is not 443.'
        cookieDomain:
            type: text
            description: 'Same as <a href="#SYS-cookieDomain">$TYPO3_CONF_VARS[''SYS''][''cookieDomain'']</a> but only for BE cookies. If empty, $TYPO3_CONF_VARS[''SYS''][''cookieDomain''] value will be used.'
        cookieName:
            type: text
            description: 'Set the name for the cookie used for the back-end user session'
321
322
323
324
325
326
327
        cookieSameSite:
          type: text
          allowedValues:
            'lax': 'Cookies set by TYPO3 are only available for the current site, third-party integrations are not allowed to read cookies, except for links and simple HTML forms'
            'strict': 'Cookies sent by TYPO3 are only available for the current site, never shared to other third-party packages'
            'none': 'Allow cookies set by TYPO3 to be sent to other sites as well, please note - this only works with HTTPS connections'
          description: 'Indicates that the cookie should send proper information where the cookie can be shared (first-party cookies vs. third-party cookies) in TYPO3 Backend.'
328
329
330
331
332
        showRefreshLoginPopup:
            type: bool
            description: 'If set, the Ajax relogin will show a real popup window for relogin after the count down. Some auth services need this as they add custom validation to the login form. If it''s not set, the Ajax relogin will show an inline relogin window.'
        adminOnly:
            type: int
333
334
335
336
337
338
            allowedValues:
              '-1': 'Total shutdown for maintenance purposes'
              '0': 'Default: All users can access the TYPO3 Backend'
              '1': 'Only administrators / system maintainers can log in, CLI interface is disabled as well'
              '2': 'Only administrators / system maintainers have access to the TYPO3 Backend, CLI executions are allowed as well'
            description: 'Restricts access to the TYPO3 Backend - especially useful when doing maintenance or updates'
339
340
341
342
343
        disable_exec_function:
            type: bool
            description: 'Don''t use exec() function (except for ImageMagick which is disabled by <a href="#GFX-im">[GFX][im]</a>=0). If set, all file operations are done by the default PHP-functions. This is necessary under Windows! On Unix the system commands by exec() can be used, unless this is disabled.'
        compressionLevel:
            type: text
344
            description: 'Determines output compression of BE output. Makes output smaller but slows down the page generation depending on the compression level. Requires a) zlib in your PHP installation and b) special rewrite rules for .css.gz and .js.gz (please see <code>_.htaccess</code> for an example). Range 1-9, where 1 is least compression and 9 is greatest compression. ''true'' as value will set the compression based on the PHP default settings (usually 5). Suggested and most optimal value is 5.'
345
346
347
348
349
350
351
352
        checkStoredRecords:
            type: bool
            description: 'If set, values of the record are validated after saving in DataHandler. Disable only if using a database in strict mode.'
        checkStoredRecordsLoose:
            type: bool
            description: 'If set, make a loose comparison ('''' equals 0) when validating record values after saving in DataHandler.'
        fileDenyPattern:
            type: text
353
            description: 'A perl-compatible and JavaScript-compatible regular expression (without delimiters "/"!) that - if it matches a filename - will deny the file upload/rename or whatever. For security reasons, files with multiple extensions have to be denied on an Apache environment with mod_alias, if the filename contains a valid php handler in an arbitrary position. Also, ".htaccess" files have to be denied. Matching is done case-insensitive. Default value is stored in PHP constant FILE_DENY_PATTERN_DEFAULT'
354
355
        interfaces:
            type: text
356
            description: 'This determines which interface options are available in the login prompt (All options: "backend,frontend")'
357
358
359
360
361
        flexformForceCDATA:
            type: bool
            description: 'If set, will add CDATA to Flexform XML. Some versions of libxml have a bug that causes HTML entities to be stripped from any XML content and this setting will avoid the bug by adding CDATA.'
        versionNumberInFilename:
            type: bool
362
            description: |
363
364
365
366
              If enabled, included CSS and JS files loaded in the TYPO3 Backend will have the timestamp embedded in the filename, ie. <code>filename.1269312081.js</code>.
              This will make browsers and proxies reload the files if they change (thus avoiding caching issues).
              <strong>IMPORTANT:</strong> This feature requires extra <code>.htaccess</code> rules to work (please refer to the <code>typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles/root-htaccess</code> file shipped with TYPO3).<br />
              If disabled the last modification date of the file will be appended as a query-string.
367
368
        debug:
            type: bool
369
            description: 'If enabled, the loginrefresh is disabled and pageRenderer is set to debug mode. Furthermore the fieldname is appended to the label of fields. Use this to debug the backend only!'
370
371
372
373
374
375
        passwordHashing:
            type: container
            items:
                className:
                    type: dropdown
                    allowedValues:
376
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash': 'Good password hash mechanism. Used by default if available.'
377
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash': 'Good password hash mechanism.'
378
379
380
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash': 'Good password hash mechanism.'
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash': 'Fallback hash mechanism if argon and bcrypt are not available.'
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash': 'Fallback hash mechanism if none of the above are available.'
381
382
383
                options:
                    type: array
                    description: 'Special settings for specific hashes.'
384
385
FE:
    type: container
386
    description: 'Frontend'
387
388
389
390
391
392
    items:
        addAllowedPaths:
            type: list
            description: 'Additional relative paths (comma-list) to allow TypoScript resources be in. Should be prepended with ''/''. If not, then any path where the first part is like this path will match. That is: ''myfolder/ , myarchive'' will match eg. ''myfolder/'', ''myarchive/'', ''myarchive_one/'', ''myarchive_2/'' ... No check is done to see if this directory actually exists in the root of the site. Paths are matched by simply checking if these strings equals the first part of any TypoScript resource filepath. (See class template, function init() in <code>\TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser)</code>'
        debug:
            type: bool
393
            description: 'If enabled, the total parsetime of the page is added as HTTP response header "X-TYPO3-Parsetime". This can also be enabled/disabled via the TypoScript option <code>config.debug = 0</code>.'
394
395
396
397
398
399
400
401
        compressionLevel:
            type: int
            description: 'Determines output compression of FE output. Makes output smaller but slows down the page generation depending on the compression level. Requires zlib in your PHP installation. Range 1-9, where 1 is least compression and 9 is greatest compression. ''true'' as value will set the compression based on the PHP default settings (usually 5). Suggested and most optimal value is 5.'
        pageNotFoundOnCHashError:
            type: bool
            description: 'If TRUE, a page not found call is made when cHash evaluation error occurs, otherwise caching is disabled and page output is displayed.'
        pageUnavailable_force:
            type: bool
402
            description: 'If TRUE, every frontend page is shown as "unavailable". If the client matches <a href="#SYS-devIPmask">[SYS][devIPmask]</a>, the page is shown as normal. This is useful during temporary site maintenance.'
403
404
405
406
407
408
        addRootLineFields:
            type: list
            description: 'Comma-list of fields from the ''pages''-table. These fields are added to the select query for fields in the rootline.'
        checkFeUserPid:
            type: bool
            description: 'If set, the pid of fe_user logins must be sent in the form as the field ''pid'' and then the user must be located in the pid. If you unset this, you should change the fe_users.username eval-flag ''uniqueInPid'' to ''unique'' in $TCA. This will do: <code>$TCA[''fe_users''][''columns''][''username''][''config''][''eval'']= ''nospace,lower,required,unique'';</code>'
409
410
411
412
413
414
415
416
417
418
419
420
421
422
        loginRateLimit:
          type: int
          description: 'Maximum amount of login attempts for the time interval in [FE][loginRateLimitInterval], before further login requests will be denied. Setting this value to "0" will disable login rate limiting.'
        loginRateLimitInterval:
          type: dropdown
          allowedValues:
            '1 minute': '1 minute'
            '5 minutes': '5 minutes'
            '15 minutes': '15 minutes'
            '30 minutes': '30 minutes'
          description: 'Allowed time interval for the configured rate limit. Individual values using PHP relative formats can be set in AdditionalConfiguration.php.'
        loginRateLimitIpExcludeList:
          type: list
          description: 'IP-numbers (with *-wildcards) that are excluded from rate limiting. Syntax similar to [BE][IPmaskList]. An empty value disables the exclude list check.'
423
424
        lockIP:
            type: int
425
            allowedValues:
426
              '0': 'Default: Do not lock Frontend User sessions to their IP address at all'
427
              '1': 'Use the first part of the visitors'' IPv4 address (e.g. "192.") as part of the session locking of Frontend Users'
428
              '2': 'Use the first two parts of the visitors'' IPv4 address (e.g. "192.168") as part of the session locking of Frontend Users'
429
              '3': 'Use the first three parts of the visitors'' IPv4 address (e.g. "192.168.13") as part of the session locking of Frontend Users'
430
              '4': 'Use the visitors'' full IPv4 address (e.g. "192.168.13.84") as part of the session locking of Frontend Users (highest security)'
431
            description: 'If activated, Frontend Users are locked to (a part of) their public IP (<code>$_SERVER[''REMOTE_ADDR'']</code>) for their session, if REMOTE_ADDR is an IPv4-address. Enhances security but may throw off users that may change IP during their session (in which case you can lower it). The integer indicates how many parts of the IP address to include in the check for the session.'
432
433
434
        lockIPv6:
            type: int
            allowedValues:
435
              '0': 'Default: Do not lock Backend User sessions to their IP address at all'
436
437
438
439
440
441
442
              '1': 'Use the first block (16 bits) of the editors'' IPv6 address (e.g. "2001:") as part of the session locking of Backend Users'
              '2': 'Use the first two blocks (32 bits) of the editors'' IPv6 address (e.g. "2001:0db8") as part of the session locking of Backend Users'
              '3': 'Use the first three blocks (48 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3") as part of the session locking of Backend Users'
              '4': 'Use the first four blocks (64 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3") as part of the session locking of Backend Users'
              '5': 'Use the first five blocks (80 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319") as part of the session locking of Backend Users'
              '6': 'Use the first six blocks (96 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e") as part of the session locking of Backend Users'
              '7': 'Use the first seven blocks (112 bits) of the editors'' IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e:0370") as part of the session locking of Backend Users'
443
              '8': 'Use the visitors'' full IPv6 address (e.g. "2001:0db8:85a3:08d3:1319:8a2e:0370:7344") as part of the session locking of Backend Users (highest security)'
444
            description: 'If activated, Frontend Users are locked to (a part of) their public IP (<code>$_SERVER[''REMOTE_ADDR'']</code>) for their session, if REMOTE_ADDR is an IPv6-address. Enhances security but may throw off users that may change IP during their session (in which case you can lower it). The integer indicates how many parts of the IP address to include in the check for the session.'
445
446
        lifetime:
            type: int
447
            description: 'If >0 and the option permalogin is >=0, the cookie of FE users will have a lifetime of the number of seconds this value indicates. Otherwise it will be a session cookie (deleted when browser is shut down). Setting this value to 604800 will result in automatic login of FE users during a whole week, 86400 will keep the FE users logged in for a day.'
448
449
450
        sessionTimeout:
            type: int
            description: 'Server side session timeout for frontend users in seconds. Will be overwritten by the lifetime property if the lifetime is longer.'
451
452
        sessionDataLifetime:
            type: int
453
            description: 'If >0, the session data of an anonymous session will timeout and be removed after the number of seconds given (86400 seconds represents 24 hours).'
454
455
        permalogin:
            type: text
456
            description: '<dl><dt>-1</dt><dd>Permanent login for FE users is disabled.</dd><dt>0</dt><dd>By default permalogin is disabled for FE users but can be enabled by a form control in the login form.</dd><dt>1</dt><dd>Permanent login is by default enabled but can be disabled by a form control in the login form.</dd><dt>2</dt><dd>Permanent login is forced to be enabled.</dd></dl> In any case, permanent login is only possible if <a href="#FE-lifetime">[FE][lifetime]</a> lifetime is > 0.'
457
458
459
460
461
462
        cookieDomain:
            type: text
            description: 'Same as <a href="#SYS-cookieDomain">$TYPO3_CONF_VARS[''SYS''][''cookieDomain'']</a> but only for FE cookies. If empty, $TYPO3_CONF_VARS[''SYS''][''cookieDomain''] value will be used.'
        cookieName:
            type: text
            description: 'Set the name for the cookie used for the front-end user session'
463
464
465
466
467
468
469
        cookieSameSite:
          type: text
          allowedValues:
            'lax': 'Cookies set by TYPO3 are only available for the current site, third-party integrations are not allowed to read cookies, except for links and simple HTML forms'
            'strict': 'Cookies sent by TYPO3 are only available for the current site, never shared to other third-party packages'
            'none': 'Allow cookies set by TYPO3 to be sent to other sites as well, please note - this only works with HTTPS connections'
          description: 'Indicates that the cookie should send proper information where the cookie can be shared (first-party cookies vs. third-party cookies) in TYPO3 Frontend.'
470
471
472
473
474
475
        defaultUserTSconfig:
            type: multiline
            description: 'Enter lines of default frontend user/group TSconfig.'
        defaultTypoScript_constants:
            type: multiline
            description: 'Enter lines of default TypoScript, constants-field.'
476
            compareValuesWithCurrentConfiguration: false
477
478
479
        defaultTypoScript_setup:
            type: multiline
            description: 'Enter lines of default TypoScript, setup-field.'
480
            compareValuesWithCurrentConfiguration: false
481
482
483
484
485
486
487
488
        additionalAbsRefPrefixDirectories:
            type: text
            description: 'Enter additional directories to be prepended with absRefPrefix. Directories must be comma-separated. TYPO3 already prepends the following directories: typo3/, typo3temp/, typo3conf/ext/ and all local storages'
        enable_mount_pids:
            type: bool
            description: 'If enabled, the mount_pid feature allowing ''symlinks'' in the page tree (for frontend operation) is allowed.'
        hidePagesIfNotTranslatedByDefault:
            type: bool
489
            description: 'If enabled, pages that has no translation will be hidden by default. Basically this will inverse the effect of the page localization setting "Hide page if no translation for current language exists" to "Show page even if no translation exists"'
490
491
492
        disableNoCacheParameter:
            type: bool
            description: 'If set, the no_cache request parameter will become ineffective. This is currently still an experimental feature and will require a website only with plugins that don''t use this parameter. However, using "&amp;no_cache=1" should be avoided anyway because there are better ways to disable caching for a certain part of the website (see COA_INT/USER_INT documentation in TSref).'
493
494
495
496
497
498
499
500
501
502
503
        cacheHash:
          type: container
          items:
              cachedParametersWhiteList:
                  type: array
                  description: 'Only the given parameters will be evaluated in the cHash calculation. Example: tx_news_pi1[uid]'
              requireCacheHashPresenceParameters:
                  type: array
                  description: 'Configure Parameters that require a cHash. If no cHash is given but one of the parameters are set, then TYPO3 triggers the configured cHash Error behaviour'
              excludedParameters:
                  type: array
504
                  description: 'The given parameters will be ignored in the cHash calculation. Example: L,tx_search_pi1[query]'
505
506
507
508
509
510
              excludedParametersIfEmpty:
                  type: array
                  description: 'Configure Parameters that are only relevant for the cHash if there''s an associated value available. Set excludeAllEmptyParameters to true to skip all empty parameters.'
              excludeAllEmptyParameters:
                  type: bool
                  description: 'If true, all parameters which are relevant for cHash are only considered if they are non-empty.'
511
512
513
        additionalCanonicalizedUrlParameters:
            type: array
            description: The given parameters will be included when calculating canonicalized URL
514
515
516
517
518
        workspacePreviewLogoutTemplate:
            type: text
            description: 'If set, points to an HTML file relative to the TYPO3_site root which will be read and outputted as template for this message. Example: <code>fileadmin/templates/template_workspace_preview_logout.html</code>. Inside you can put the marker %1$s to insert the URL to go back to. Use this in <code>&lt;a href="%1$s"&gt;Go back...&lt;/a&gt;</code> links.'
        versionNumberInFilename:
            type: dropdown
519
520
521
522
523
524
525
            allowedValues:
              '': "Do not include the version/timestamp of the file at all"
              'embed': 'Include the timestamp of the last modification timestamp of files embedded in the filename - e.g. "filename.1269312081.js"'
              'querystring': 'Default - Append the last modification timestamp of the file as query string e.g. "filename.js?1269312081"'
            description: |
              Allows to automatically include a version number (timestamp of the file) to referred CSS and JS filenames
              on the rendered page. This will make browsers and proxies reload the files if they change (thus avoiding caching issues).
526
              <strong>IMPORTANT</strong>: ''embed'' requires extra <code>.htaccess</code> rules to work (please refer to the <code>root-htaccess</code> file shipped with TYPO3 in <code>typo3/sysext/install/Resources/Private/FolderStructureTemplateFiles</code>)
527
528
529
530
531
532
        passwordHashing:
            type: container
            items:
                className:
                    type: dropdown
                    allowedValues:
533
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2iPasswordHash': 'Good password hash mechanism. Used by default if available.'
534
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Argon2idPasswordHash': 'Good password hash mechanism.'
535
536
537
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\BcryptPasswordHash': 'Good password hash mechanism.'
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\Pbkdf2PasswordHash': 'Fallback hash mechanism if argon and bcrypt are not available.'
                        'TYPO3\CMS\Core\Crypto\PasswordHashing\PhpassPasswordHash': 'Fallback hash mechanism if none of the above are available.'
538
539
540
                options:
                    type: array
                    description: 'Special settings for specific hashes.'
541
542
543
544
        exposeRedirectInformation:
          type: bool
          description: 'If set, redirects executed by TYPO3 publicly expose the page ID in the HTTP header. As this is an internal information about the TYPO3 system, it should only be enabled for debugging purposes.'

545
546
MAIL:
    type: container
547
    description: 'Mail'
548
    items:
549
550
551
552
        format:
            type: dropdown
            allowedValues:
                'html': 'Send emails only in HTML format'
553
                'plain': 'Send emails only in plain text format'
554
555
556
557
558
559
560
561
562
563
564
                'both': 'Send emails in HTML and plain text format'
            description: 'The Mailer API allows to send out templated emails, which can be configured on a system-level to send out HTML-based emails or plain text emails, or emails with both variants.'
        layoutRootPaths:
            type: array
            description: 'List of paths to look for layouts for templated emails. Should be specified as .txt and .html files.'
        partialRootPaths:
            type: array
            description: 'List of paths to look for partials for templated emails. Should be specified as .txt and .html files.'
        templateRootPaths:
            type: array
            description: 'List of paths to look for template files for templated emails. Should be specified as .txt and .html files.'
565
566
567
        validators:
            type: array
            description: 'List of validators used to validate an email address. <br>Available validators are <code>\Egulias\EmailValidator\Validation\DNSCheckValidation</code>, <code>\Egulias\EmailValidator\Validation\SpoofCheckValidation</code>, <code>\Egulias\EmailValidator\Validation\NoRFCWarningsValidation</code> or by implementing a custom validator.'
568
569
        transport:
            type: text
570
            description: '<dl><dt>smtp</dt><dd>Sends messages over the (standardized) Simple Message Transfer Protocol. It can deal with encryption and authentication. Most flexible option, requires a mail server and configurations in transport_smtp_* settings below. Works the same on Windows, Unix and MacOS.</dd><dt>sendmail</dt><dd>Sends messages by communicating with a locally installed MTA - such as sendmail. See setting transport_sendmail_command bellow.<dd><dt>dsn</dt><dd>Sends messages with the Symfony Mailer. Configure [MAIL][dsn] setting below.</dd><dt>mbox</dt><dd>This doesn''t send any mail out, but instead will write every outgoing mail to a file adhering to the RFC 4155 mbox format, which is a simple text file where the mails are concatenated. Useful for debugging the mail sending process and on development machines which cannot send mails to the outside. Configure the file to write to in the ''transport_mbox_file'' setting below</dd><dt>&lt;classname&gt;</dt><dd>Custom class which implements \Symfony\Component\Mailer\Transport\TransportInterface. The constructor receives all settings from the MAIL section to make it possible to add custom settings.</dd></dl>'
571
572
573
574
        transport_smtp_server:
            type: text
            description: '<em>only with transport=smtp</em>: &lt;server:port> of mailserver to connect to. &lt;port> defaults to "25".'
        transport_smtp_encrypt:
575
            type: bool
576
            description: '<em>only with transport=smtp</em>: Connect to the server using SSL/TLS (disables STARTTLS which is used by default if supported by the server). Must not be enabled when connecting to port 587, as servers will use STARTTLS (inner encryption) via SMTP instead of SMTPS. It will automatically be enabled if port is 465.'
577
578
579
580
        transport_smtp_username:
            type: text
            description: '<em>only with transport=smtp</em>: If your SMTP server requires authentication, enter your username here.'
        transport_smtp_password:
581
            type: password
582
            description: '<em>only with transport=smtp</em>: If your SMTP server requires authentication, enter your password here.'
583
584
585
        transport_smtp_domain:
          type: text
          description: '<em>only with transport=smtp</em>: Mail domain under which emails will be sent.'
586
        transport_smtp_restart_threshold:
587
588
          type: int
          description: '<em>only with transport=smtp</em>: Sets the maximum number of messages to send before re-starting the transport.'
589
        transport_smtp_restart_threshold_sleep:
590
          type: int
591
592
          description: '<em>only with transport=smtp</em>: The number of seconds to sleep between stopping and re-starting the transport.'
        transport_smtp_ping_threshold:
593
          type: int
594
595
596
597
598
599
          description: '<em>only with transport=smtp</em>: Sets the minimum number of seconds required between two messages, before the server is pinged.'
        transport_smtp_stream_options:
          type: mixed
          description: |
            <em>only with transport=smtp</em>: Sets the stream context options for the smtp stream<br />
            The configuration with an array must be made in the <code>AdditionalConfiguration.php</code>; see <a href="https://docs.typo3.org/m/typo3/reference-coreapi/master/en-us/ApiOverview/GlobalValues/Typo3ConfVars/Index.html#file-additionalconfiguration-php" target="_blank" rel="noreferrer">the documentation</a> for details.<br />
600
601
602
603
604
605
        transport_sendmail_command:
            type: text
            description: '<em>only with transport=sendmail</em>: The command to call to send a mail locally.'
        transport_mbox_file:
            type: text
            description: '<em>only with transport=mbox</em>: The file where to write the mails into. This file will be conforming the mbox format described in RFC 4155. It is a simple text file with a concatenation of all mails. Path must be absolute.'
606
607
        transport_spool_type:
            type: text
608
            description: '<dl><dt>file</dt><dd>Messages get stored to the file system till they get sent through the command mailer:spool:send.</dd><dt>memory</dt><dd>Messages get sent at the end of the running process.</dd><dt>&lt;classname&gt;</dt><dd>Custom class which implements the \TYPO3\CMS\Core\Mail\DelayedTransportInterface interface.</dd></dl>'
609
610
611
        transport_spool_filepath:
            type: text
            description: '<em>only with transport_spool_type=file</em>: Path where messages get temporarily stored. Ensure that this is stored outside of your webroot.'
612
613
614
        dsn:
          type: text
          description: '<em>only with transport=dsn</em>: The DSN configuration of the Symfony mailer (eg. smtp://user:pass@smtp.example.com:25). For 3rd party transports you have to add additional dependencies. See https://symfony.com/doc/current/mailer.html for more details.'
615
616
        defaultMailFromAddress:
            type: text
617
            description: 'This default email address is used when no other "from" address is set for a TYPO3-generated email. You can specify an email address only (eg. info@example.org).'
618
619
620
        defaultMailFromName:
            type: text
            description: 'This default name is used when no other "from" name is set for a TYPO3-generated email.'
621
622
623
624
625
626
        defaultMailReplyToAddress:
            type: text
            description: 'This default email address is used when no other "reply-to" address is set for a TYPO3-generated email. You can specify an email address only (eg. info@example.org).'
        defaultMailReplyToName:
            type: text
            description: 'This default name is used when no other "reply-to" name is set for a TYPO3-generated email.'
627
628
HTTP:
    type: container
629
    description: 'Connection'
630
631
632
633
634
635
636
637
638
    items:
        cert:
            type: mixed
            description: 'Mixed: Set to a string to specify the path to a file containing a PEM formatted client side certificate. See http://docs.guzzlephp.org/en/latest/request-options.html#cert'
        connect_timeout:
            type: int
            description: 'Default timeout for connection. Exception will be thrown if connecting to remote host takes more than this number of seconds.'
        proxy:
            type: mixed
639
            description: |
640
641
642
              Default single proxy server as &quot;proxy.example.org&quot;.<br />
              Multiple proxies for different protocols can be added separately as array as well as authentication and port; see <a href="http://docs.guzzlephp.org/en/latest/request-options.html#proxy" target="_blank" rel="noreferrer">the documentation</a> for details.<br />
              The configuration with an array must be made in the <code>AdditionalConfiguration.php</code>; see <a href="https://docs.typo3.org/m/typo3/reference-coreapi/master/en-us/ApiOverview/GlobalValues/Typo3ConfVars/Index.html#file-additionalconfiguration-php" target="_blank" rel="noreferrer">the documentation</a> for details.<br />
643
644
645
646
647
648
649
650
651
652
653
654
        ssl_key:
            type: mixed
            description: 'Mixed: Local certificate and an optional passphrase, see http://docs.guzzlephp.org/en/latest/request-options.html#ssl-key'
        timeout:
            type: int
            description: 'Default timeout for whole request. Exception will be thrown if sending the request takes more than this number of seconds. Should be greater than connection timeout (see above) or "0" to not set a limit. Defaults to "0".'
        verify:
            type: mixed
            description: 'Mixed: Describes the SSL certificate verification behavior of a request. http://docs.guzzlephp.org/en/latest/request-options.html#verify'
        version:
            type: text
            description: 'Default HTTP protocol version. Use either "1.0" or "1.1".'