improve YAML syntax for defining allowed IPs

1 files changed, 21 insertions, 3 deletions

diff --git a/.config/cypress-devcontainer.yml b/.config/cypress-devcontainer.yml
index e4eb8cc805..356d583611 100644
--- a/.config/cypress-devcontainer.yml
+++ b/.config/cypress-devcontainer.yml
@@ -269,9 +269,27 @@ proxyRemoteFiles: true
 # Sign to ActivityPub GET request (default: true)
 signToActivityPubGet: true
 
-allowedPrivateNetworks: [
-  '127.0.0.1/32'
-]
+# For security reasons, uploading attachments from the intranet is prohibited,
+# but exceptions can be made from the following settings. Default value is "undefined".
+# Read changelog to learn more (Improvements of 12.90.0 (2021/09/04)).
+# Some example configurations:
+allowedPrivateNetworks:
+  # Allow connections to 127.0.0.1 on any port
+  - '127.0.0.1/32'
+#  # Allow connections to 127.0.0.* on any port
+#  - '127.0.0.1/24'
+#  # Allow connections to 127.0.0.1 on any port
+#  - '127.0.0.1'
+#  # Allow connections to 127.0.0.1 on any port
+#  - network: '127.0.0.1'
+#  # Allow connections to 127.0.0.1 on port 80
+#  - network: '127.0.0.1'
+#    ports: [80]
+#  # Allow connections to 127.0.0.1 on port 80 or 443
+#  - network: '127.0.0.1'
+#    ports:
+#      - 80
+#      - 443
 
 # Disable automatic redirect for ActivityPub object lookup. (default: false)
 # This is a strong defense against potential impersonation attacks if the viewer instance has inadequate validation.