3f82b61683
Fixes #56
47 lines
2.0 KiB
Markdown
47 lines
2.0 KiB
Markdown
# Options
|
|
|
|
## CORS
|
|
|
|
You can change the default CORS settings for redeeming and generating challenges by setting the `CORS_ORIGIN` environment variable when running the server. This defaults to `*`, which allows all origins.
|
|
|
|
## Asset server
|
|
|
|
The asset server is disabled by default. You can enable it by setting the `ENABLE_ASSETS_SERVER` environment variable to `true`. This will serve the assets from the `/assets` endpoint.
|
|
|
|
Then, make sure to set `WIDGET_VERSION` and `WASM_VERSION` to the correct version of the widget and WASM files you want to serve. This defaults to `latest`, which will serve the latest version of the widget and WASM files, although these are not recommended in production as they might serve breaking changes.
|
|
|
|
Your assets will be served from the following paths:
|
|
|
|
- `/assets/widget.js`
|
|
- `/assets/floating.js`
|
|
- `/assets/cap_wasm_bg.wasm`
|
|
- `/assets/cap_wasm.js`
|
|
|
|
You can use these in your app by setting the widget's script source to the appropriate path, like this:
|
|
|
|
```html
|
|
<script src="https://<server url>/assets/widget.js"></script>
|
|
```
|
|
|
|
For the floating mode, use:
|
|
|
|
```html
|
|
<script src="https://<server url>/assets/floating.js"></script>
|
|
```
|
|
|
|
And by setting `window.CAP_CUSTOM_WASM_URL` to the path of the `cap_wasm.js` file, like this:
|
|
|
|
```js
|
|
window.CAP_CUSTOM_WASM_URL = "https://<server url>/assets/cap_wasm.js";
|
|
```
|
|
|
|
By default, these fetch from `process.env.CACHE_HOST` (which defaults to `https://cdn.jsdelivr.net`). You can change this by setting the `CACHE_HOST` env variable when running the server.
|
|
|
|
## Rate-limiting
|
|
|
|
By default, Standalone will use Elysia's built-in `server.requestIP` function to identify a client's IP for ratelimiting. This might not be correct if you're using something like Cloudflare behind your service.
|
|
|
|
If so, you can change the IP extraction logic to simply read from a header set in `RATELIMIT_IP_HEADER` in your env. For example, if you were using Cloudflare, you might set `RATELIMIT_IP_HEADER` to `cf-connecting-ip`.
|
|
|
|
If you're interested in an option to fully disable ratelimiting, let us know using GitHub issues.
|