X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=config%2Fconfig.md;h=c843bca5d87b63c35ba68b696f24d7043563a9d7;hb=6979eeda34a7c9c201c0816f322c3a29c6d947e6;hp=e08d206b65962a4d16f3caf55171b1e7cb33dfaf;hpb=69f5dfcfb3f2b498e1f9957244f0896b6f9d5c2a;p=akkoma

diff --git a/config/config.md b/config/config.md
index e08d206b6..c843bca5d 100644
--- a/config/config.md
+++ b/config/config.md
@@ -81,7 +81,22 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
 * ``outgoing_blocks``: Whether to federate blocks to other instances
 * ``deny_follow_blocked``: Whether to disallow following an account that has blocked the user in question
 
-## :csp
+## :http_security
 * ``enabled``: Whether the managed content security policy is enabled
 * ``sts``: Whether to additionally send a `Strict-Transport-Security` header
 * ``sts_max_age``: The maximum age for the `Strict-Transport-Security` header if sent
+* ``ct_max_age``: The maximum age for the `Expect-CT` header if sent
+* ``referrer_policy``: The referrer policy to use, either `"same-origin"` or `"no-referrer"`.
+
+## :mrf_user_allowlist
+
+The keys in this section are the domain names that the policy should apply to.
+Each key should be assigned a list of users that should be allowed through by
+their ActivityPub ID.
+
+An example:
+
+```
+config :pleroma, :mrf_user_allowlist,
+  "example.org": ["https://example.org/users/admin"]
+```