New
Guide
bots:
- import: (data)/meta/default-config.yaml
# Default challenge policy
- name: default
action: CHALLENGE
expression: 'true'
- name: allow-api-oauth
action: ALLOW
expression:
any:
- path.startsWith("/api")
- path.startsWith("/oauth")
- name: allow-inbox
action: ALLOW
expression:
any:
- path.startsWith("/inbox")
- path.matches("^/users/[^/]+/inbox")
- name: allow-authorize-interaction
action: ALLOW
expression:
path.startsWith("/authorize_interaction")
- name: allow-proxy-files
action: ALLOW
expression:
any:
- path.startsWith("/proxy")
- path.startsWith("/files")
# Allow HTMX requests if user has already passed challenge
- name: allow-htmx-iff-already-passed-challenge
action: ALLOW
expression:
all:
- '"Cookie" in headers'
- 'headers["Cookie"].contains("anubis-auth")'
- '"Hx-Request" in headers'
- 'headers["Hx-Request"] == "true"'
Read 623 times, last 2 hours ago
MicroBin by Dániel Szabó and the FOSS Community. Let's keep the Web compact, accessible and humane!