Possible bug: /config/_default/security.toml is ignored

techmagus · December 17, 2021, 10:36pm

I use Pandoc in one of my sites and also I am using the /config/ method.

In /config/_default/ folder:

create: security.toml
the content:

enableInlineShortcodes = false
[security.exec]
  allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$', '^pandoc$']
  osEnv = ['(?i)^(PATH|PATHEXT|APPDATA|TMP|TEMP|TERM)$']

[security.funcs]
  getenv = ['^HUGO_']

[security.http]
  methods = ['(?i)GET|POST']
  urls = ['.*']

When I am building the site, I get this error:

access denied: "pandoc" is not whitelisted in policy "security.exec.allow"; the current security configuration is:

[security]
  enableInlineShortcodes = false
  [security.exec]
    allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$']
    osEnv = ['(?i)^(PATH|PATHEXT|APPDATA|TMP|TEMP|TERM)$']

  [security.funcs]
    getenv = ['^HUGO_']

  [security.http]
    methods = ['(?i)GET|POST']
    urls = ['.*']

However, if I add it in /config/_default/config.toml file it works.

EDIT: changed to /config/_default/ instead of simply /config/

bep · December 17, 2021, 10:53pm

When you move these config sections to its own file, you need to “remove” the root, so [security.exec] becomes [exec] etc.

techmagus · December 17, 2021, 10:55pm

Oh yeah! I keep forgetting those, I only remove the base one like [security].

Thanks for pointing it out!

system · December 19, 2021, 10:56pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Changed TOML interpretation in 0.112 - a bug? support	5	291	May 25, 2023
Ignore a directory	4	7333	May 29, 2018
Permission denied: config.toml support	4	853	March 25, 2023
How to download a page converted to pdf or odt support	2	354	July 24, 2021
Displaying a file? support	2	641	April 11, 2018

Possible bug: /config/_default/security.toml is ignored

Related Topics