PIXILAB Wiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
blocks:server_configuration_file [2024-10-22 09:35] – ↷ Links adapted because of a move operation adminblocks:server_configuration_file [2025-11-12 09:13] (current) – Note for spotSnap added in 7.4 admin
Line 4: Line 4:
  
   * By changing configuration options for the Blocks server itself. This is done through a configuration file read by the Blocks server as it starts up.   * By changing configuration options for the Blocks server itself. This is done through a configuration file read by the Blocks server as it starts up.
-  * By changing operating system settings to activate other, complementary features, such as DNS, DHCP, remote access, enterprise wifi network integration, etc. Such configuration is done in other parts of the system, and is mainly supported when running on a [[blocks:server:creating_a_server-pre-7|Linux]] server.+  * By changing operating system settings to activate other, complementary features, such as DNS, DHCP, remote access, enterprise wifi network integration, etc. Such configuration is done in other parts of the system, and is mainly supported when running on a [[blocks:server:creating_a_server|Linux]] server.
  
 ===== Configuration File Settings ===== ===== Configuration File Settings =====
Line 105: Line 105:
   * **type**. Server type. Must be set to //pixilab_server//.   * **type**. Server type. Must be set to //pixilab_server//.
   * **corsPath** and **corsAllowOrigin**. If you want to accept calls from other servers/clients, e.g., to endpoints specified by user scripts (using the [[https://github.com/pixilab/blocks-script/blob/master/system_lib/Metadata.ts#L136|@resource annotation]]), specify the root path of such requests, and the [[https://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work|Access-Control-Allow-Origin]] header to be returned here.   * **corsPath** and **corsAllowOrigin**. If you want to accept calls from other servers/clients, e.g., to endpoints specified by user scripts (using the [[https://github.com/pixilab/blocks-script/blob/master/system_lib/Metadata.ts#L136|@resource annotation]]), specify the root path of such requests, and the [[https://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work|Access-Control-Allow-Origin]] header to be returned here.
-  * ** applicationConnectors**. specifies the connection details for the web server, such as port numbers used, etc. +  * ** applicationConnectors**. Specifies the connection details for the web server, such as port numbers used, etc.  
 +  * **allowCrossSiteAuth**. Set to true to allow cross-site authentication (e.g. for the Blocks editor), such as from within an IFRAME. Browsers allow this only under HTTPS, so you'll need HTTPS and a certificate to use this feature in addition to setting this option to true.
  
 See below for details on server sub-options. See below for details on server sub-options.
Line 194: Line 195:
 apiKeys: apiKeys:
   upload: "super-secret" # Value required as apiKey query parameter for uploads   upload: "super-secret" # Value required as apiKey query parameter for uploads
 +  spotSnap: "spot-screen-spy" # Value required as apiKey for viewing screenshots
   customKey: "super-secret2"   customKey: "super-secret2"
 </code> </code>
  
 The //upload// key's value (if specified) will be used by Blocks' [[blocks:api:upload|file upload API]]. When specified, all uploads must add an //apiKey// query parameter to their URL, with the value specified for the //upload// key. The //upload// key's value (if specified) will be used by Blocks' [[blocks:api:upload|file upload API]]. When specified, all uploads must add an //apiKey// query parameter to their URL, with the value specified for the //upload// key.
 +
 +The //spotSnap// key's value (if specified) will allow Blocks' [[blocks:api:spot-screenshot|Display Spot Screenshot API]] to be used from non-authenticated clients. This setting was added in Blocks 7.4.
  
 You can specify additional key/value pairs, as exemplified by the //customKey// key/value shown above. Such a key can then be applied to custom API endpoints decorated by @resource by also applying an @apiKey decorator, like this: You can specify additional key/value pairs, as exemplified by the //customKey// key/value shown above. Such a key can then be applied to custom API endpoints decorated by @resource by also applying an @apiKey decorator, like this: