default.services.yml

Same filename in this branch
  1. 11.x core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/default.services.yml
  2. 11.x core/assets/scaffold/files/default.services.yml
  3. 11.x core/modules/package_manager/tests/fixtures/fake_site/sites/default/default.services.yml
Same filename in other branches
  1. 9 sites/default/default.services.yml
  2. 9 core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/default.services.yml
  3. 9 core/assets/scaffold/files/default.services.yml
  4. 8.9.x sites/default/default.services.yml
  5. 8.9.x core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/default.services.yml
  6. 8.9.x core/assets/scaffold/files/default.services.yml
  7. 10 sites/default/default.services.yml
  8. 10 core/tests/Drupal/Tests/Composer/Plugin/Scaffold/fixtures/drupal-assets-fixture/assets/default.services.yml
  9. 10 core/assets/scaffold/files/default.services.yml
sites/default/default.services.yml

File

sites/default/default.services.yml

View source 
  1. parameters:

  2.   # Toggles the super user access policy. If your website has at least one user

  3.   # with the Administrator role, it is advised to set this to false. This allows

  4.   # you to make user 1 a regular user, strengthening the security of your site.

  5.   security.enable_super_user: true

  6.   session.storage.options:

  7.     # Default ini options for sessions.

  8.     #

  9.     # Some distributions of Linux (most notably Debian) ship their PHP

  10.     # installations with garbage collection (gc) disabled. Since Drupal depends

  11.     # on PHP's garbage collection for clearing sessions, ensure that garbage

  12.     # collection occurs by using the most common settings.

  13.     # @default 1

  14.     gc_probability: 1

  15.     # @default 100

  16.     gc_divisor: 100

  17.     #

  18.     # Set session lifetime (in seconds), i.e. the grace period for session

  19.     # data. Sessions are deleted by the session garbage collector after one

  20.     # session lifetime has elapsed since the user's last visit. When a session

  21.     # is deleted, authenticated users are logged out, and the contents of the

  22.     # user's session is discarded.

  23.     # @default 200000

  24.     gc_maxlifetime: 200000

  25.     #

  26.     # Set session cookie lifetime (in seconds), i.e. the time from the session

  27.     # is created to the cookie expires, i.e. when the browser is expected to

  28.     # discard the cookie. The value 0 means "until the browser is closed".

  29.     # @default 2000000

  30.     cookie_lifetime: 2000000

  31.     #

  32.     # Drupal automatically generates a unique session cookie name based on the

  33.     # full domain name used to access the site. This mechanism is sufficient

  34.     # for most use-cases, including multi-site deployments. However, if it is

  35.     # desired that a session can be reused across different subdomains, the

  36.     # cookie domain needs to be set to the shared base domain. Doing so assures

  37.     # that users remain logged in as they cross between various subdomains.

  38.     # To maximize compatibility and normalize the behavior across user agents,

  39.     # the cookie domain should start with a dot.

  40.     #

  41.     # Sessions themselves will only be synchronized across subdomains if they

  42.     # are all served from the same Drupal installation or if some other session

  43.     # sharing mechanism is implemented.

  44.     #

  45.     # @default none

  46.     # cookie_domain: '.example.com'

  47.     #

  48.     # Set the SameSite cookie attribute: 'None', 'Lax', or 'Strict'. If set,

  49.     # this value will override the server value. See

  50.     # https://www.php.net/manual/en/session.security.ini.php for more

  51.     # information.

  52.     # @default no value

  53.     cookie_samesite: Lax

  54.     # By default, Drupal generates a session cookie name based on the full

  55.     # domain name. Set the name_suffix to a short random string to ensure this

  56.     # session cookie name is unique on different installations on the same

  57.     # domain and path (for example, when migrating from Drupal 7).

  58.     name_suffix: ''

  59.   twig.config:

  60.     # Twig debugging:

  61.     #

  62.     # When debugging is enabled:

  63.     # - The markup of each Twig template is surrounded by HTML comments that

  64.     #   contain theming information, such as template file name suggestions.

  65.     # - Note that this debugging markup will cause automated tests that directly

  66.     #   check rendered HTML to fail. When running automated tests, 'debug'

  67.     #   should be set to FALSE.

  68.     # - The dump() function can be used in Twig templates to output information

  69.     #   about template variables.

  70.     # - Twig templates are automatically recompiled whenever the source code

  71.     #   changes (see auto_reload below).

  72.     #

  73.     # For more information about debugging Twig templates, see

  74.     # https://www.drupal.org/node/1906392.

  75.     #

  76.     # Enabling Twig debugging is not recommended in production environments.

  77.     # @default false

  78.     debug: false

  79.     # Twig auto-reload:

  80.     #

  81.     # Automatically recompile Twig templates whenever the source code changes.

  82.     # If you don't provide a value for auto_reload, it will be determined

  83.     # based on the value of debug.

  84.     #

  85.     # Enabling auto-reload is not recommended in production environments.

  86.     # @default null

  87.     auto_reload: null

  88.     # Twig cache:

  89.     #

  90.     # By default, Twig templates will be compiled and stored in the filesystem

  91.     # to increase performance. Disabling the Twig cache will recompile the

  92.     # templates from source each time they are used. In most cases the

  93.     # auto_reload setting above should be enabled rather than disabling the

  94.     # Twig cache.

  95.     #

  96.     # Disabling the Twig cache is not recommended in production environments.

  97.     # @default true

  98.     cache: true

  99.     # File extensions:

  100.     #

  101.     # List of file extensions the Twig system is allowed to load via the

  102.     # twig.loader.filesystem service. Files with other extensions will not be

  103.     # loaded unless they are added here. For example, to allow a file named

  104.     # 'example.partial' to be loaded, add 'partial' to this list. To load files

  105.     # with no extension, add an empty string '' to the list.

  106.     #

  107.     # @default ['css', 'html', 'js', 'svg', 'twig']

  108.     allowed_file_extensions:

  109.       - css

  110.       - html

  111.       - js

  112.       - svg

  113.       - twig

  114.   renderer.config:

  115.     # Renderer required cache contexts:

  116.     #

  117.     # The Renderer will automatically associate these cache contexts with every

  118.     # render array, hence varying every render array by these cache contexts.

  119.     #

  120.     # @default ['languages:language_interface', 'theme', 'user.permissions']

  121.     required_cache_contexts: ['languages:language_interface', 'theme', 'user.permissions']

  122.     # Renderer automatic placeholdering conditions:

  123.     #

  124.     # Drupal allows portions of the page to be automatically deferred when

  125.     # rendering to improve cache performance. That is especially helpful for

  126.     # cache contexts that vary widely, such as the active user. On some sites

  127.     # those may be different, however, such as sites with only a handful of

  128.     # users. If you know what the high-cardinality cache contexts are for your

  129.     # site, specify those here. If you're not sure, the defaults are fairly safe

  130.     # in general.

  131.     #

  132.     # For more information about rendering optimizations see

  133.     # https://www.drupal.org/developing/api/8/render/arrays/cacheability#optimizing

  134.     auto_placeholder_conditions:

  135.       # Max-age at or below which caching is not considered worthwhile.

  136.       #

  137.       # Disable by setting to -1.

  138.       #

  139.       # @default 0

  140.       max-age: 0

  141.       # Cache contexts with a high cardinality.

  142.       #

  143.       # Disable by setting to [].

  144.       #

  145.       # @default ['session', 'user']

  146.       contexts: ['session', 'user']

  147.       # Tags with a high invalidation frequency.

  148.       #

  149.       # Disable by setting to [].

  150.       #

  151.       # @default []

  152.       tags: []

  153.     # Renderer cache debug:

  154.     #

  155.     # Allows cache debugging output for each rendered element.

  156.     #

  157.     # Enabling render cache debugging is not recommended in production

  158.     # environments.

  159.     # @default false

  160.     debug: false

  161.   # Cacheability debugging:

  162.   #

  163.   # Responses with cacheability metadata (CacheableResponseInterface instances)

  164.   # get X-Drupal-Cache-Tags, X-Drupal-Cache-Contexts and X-Drupal-Cache-Max-Age

  165.   # headers.

  166.   #

  167.   # For more information about debugging cacheable responses, see

  168.   # https://www.drupal.org/developing/api/8/response/cacheable-response-interface

  169.   #

  170.   # Enabling cacheability debugging is not recommended in production

  171.   # environments.

  172.   # @default false

  173.   http.response.debug_cacheability_headers: false

  174.   factory.keyvalue: {}

  175.   # Default key/value storage service to use.

  176.   # @default keyvalue.database

  177.   # default: keyvalue.database

  178.   # Collection-specific overrides.

  179.   # state: keyvalue.database

  180.   factory.keyvalue.expirable: {}

  181.   # Default key/value expirable storage service to use.

  182.   # @default keyvalue.database.expirable

  183.   # default: keyvalue.database.expirable

  184.   # Allowed protocols for URL generation.

  185.   filter_protocols:

  186.     - http

  187.     - https

  188.     - ftp

  189.     - news

  190.     - nntp

  191.     - tel

  192.     - telnet

  193.     - mailto

  194.     - irc

  195.     - ssh

  196.     - sftp

  197.     - webcal

  198.     - rtsp

  199. 

  200.   # Configure Cross-Site HTTP requests (CORS).

  201.   # Read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

  202.   # for more information about the topic in general.

  203.   # Note: By default the configuration is disabled.

  204.   cors.config:

  205.     enabled: false

  206.     # Specifies allowed headers and sets the Access-Control-Allow-Headers

  207.     # header. For example, ['X-Custom-Header']. See

  208.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers

  209.     allowedHeaders: []

  210.     # Specifies allowed request methods and sets the

  211.     # Access-Control-Allow-Methods header. For example, ['POST', 'GET',

  212.     # 'OPTIONS'] or ['*'] to allow all. Note the wildcard is not yet implemented

  213.     # in all browsers. See

  214.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods

  215.     allowedMethods: []

  216.     # Configure requests allowed from specific origins and sets the

  217.     # Access-Control-Allow-Origin header. For example,

  218.     # ['https://www.drupal.org'] or ['*'] to allow any origin to access your

  219.     # resource. See

  220.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

  221.     allowedOrigins: ['*']

  222.     # Configure requests allowed from origins, matching against regex patterns.

  223.     allowedOriginsPatterns: []

  224.     # Sets the Access-Control-Expose-Headers header. The default is false which

  225.     # means the header will not be set. To set the header use a comma delimited

  226.     # list within square brackets. For example, ['Content-Type', 'Expires'] or

  227.     # ['*'] to expose all headers. Setting exposedHeaders: ['*'] will result in

  228.     # a Access-Control-Expose-Headers: * response header. See

  229.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers

  230.     exposedHeaders: false

  231.     # Setting Access-Control-Max-Age header value to '0' or false will omit this

  232.     # from the response. However, setting it to '-1' will explicitly disable

  233.     # caching. For example, setting the value to 600 will cache results of a

  234.     # preflight request for 10 minutes. See

  235.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age

  236.     maxAge: false

  237.     # Sets the Access-Control-Allow-Credentials header if set to true. See

  238.     # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials

  239.     supportsCredentials: false

  240. 

  241.   queue.config:

  242.     # The maximum number of seconds to wait if a queue is temporarily suspended.

  243.     # This is not applicable when a queue is suspended but does not specify

  244.     # how long to wait before attempting to resume.

  245.     suspendMaximumWait: 30

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.