This section describes how to configure Content Studio via the config file.
The file should be called
com.enonic.app.contentstudio.cfg and placed into the
$XP_HOME/config folder of your XP installation.
Disable "Mark as Ready" in the Publishing Wizard
Whenever the Publishing Wizard contains at least one item that is "Work in progress", publishing will be disabled. The editor can overrule this by applying "Mark as ready" bulk action from the button dropdown menu and marking all of such items as "Ready for Publishing".
To add another level of restriction and prevent accidental publishing of items that are not ready for publishing, the "Mark as ready" bulk action can be disabled by adding the following parameter to the config file:
publishingWizard.allowContentUpdate = false
Matching mode for content type patterns
Defines matching mode for content type patterns. Can be
MATCH. See description.
contentTypePatternMode = MATCH
Max file upload size
Used for setting size limit on attachments, media content and both project and content thumbnail uploads
uploadMaxFileSize = 100mb
Content path transliteration
Turn off automatic transliteration of content path when generating it based on a value typed into the display name field in the Content form.
Content Security Policy
|You may need to tweak CSP settings in Content Studio only if you are building a widget which will be embedded inside Content Studio where you want to allow references to external resources or other potentially unsafe (from the CSP point of view) actions. If CSP errors appear when your content is rendered (when you preview or edit content in Content Studio), then you need to configure CSP settings in XP admin config.|
You can provide your own header for Content Security Policy using
contentSecurityPolicy.header property. For example, Google Analytics injects its own scripts referring to external domains, so we are using the following CSP headers for the Google Analytics widget not to be blocked in Content Studio:
contentSecurityPolicy.header=default-src 'self'; connect-src 'self' ws: wss: https://*.gstatic.com https://*.googleapis.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.google.com https://*.googleapis.com https://*.gstatic.com; object-src 'none'; style-src 'self' 'unsafe-inline' https://*.gstatic.com; img-src 'self' data:; frame-src 'self' https://*.googleapis.com
Turn off Content Security Policy by setting
contentSecurityPolicy.enabled property to
Disable Default Project
Disable the Default Project by setting
settings.hideDefaultProject property to
|If the Default project is hidden and a logged-in user doesn’t have access to any projects and has necessary permissions, he/she will be asked to create a new Content Project using multistep wizard.|