Page Contents

Overview

Define application server-side settings in /server/config.json. For example here are the default settings:

config.json

{
  "restApiRoot": "/api",
  "host": "0.0.0.0",
  "port": 3000,
  "remoting": {
    ... // See below
  },
  "legacyExplorer": false
}

Top-level properties

The following table describes the properties you can configure.

Property Description Default

aclErrorStatus

When an authenticated user is denied access because of an ACL, by default the application returns HTTP error status code 401 unauthorized. If you want instead to return 403 (forbidden) set the value here. This may be required, for example, when using an AngularJS interceptor to differentiate between the need to show an access denied/request access page instead of a login dialog.

Can also set this in the Model definition JSON file to define per-model.

REVIEW COMMENT from Rand
What happened to this?

401
host

Host or IP address used to create the Node HTTP server. If a request comes to a different host or IP address, then the application won't accept the connection. See server.listen() for more information.

0.0.0.0
legacyExplorer

Set to false to disable old routes /models and /routes that are exposed, but no longer used by API Explorer; use true or omit the option to keep them enabled.

When upgrading to v2.14.0, set "legacyExplorer": false

true
port TCP port to use. 3000
remoting See Remoting properties below. N/A
restApiRoot Root URI of REST API /api

To access the settings in application code, use app.get('_property_').

You can also retrieve Express app object properties with this method. See app.get() in Express documentation for more information.

Remoting properties

Properties under the remoting top-level property determine how the application performs remote operations using strong-remoting; for example:

...
  "remoting": {
    "context": {
      "enableHttpContext": false
    },
    "rest": {
      "normalizeHttpPath": false,
      "xml": false
    },
    "json": {
      "strict": false,
      "limit": "100kb"
    },
    "urlencoded": {
      "extended": true,
      "limit": "100kb"
    },
    "cors": false,
    "errorHandler": {
      "disableStackTrace": false
    }
  },
...

The following table describes the remoting properties.

Property Type Description Default
cors Boolean If false, use the CORS settings in middleware.json. false
context.enableHttpContext Boolean Advanced feature. For more information, see Using current context. false
errorHandler.disableStackTrace Boolean

Set to true to disable stack traces; removes the stack property from the Error object.

Ignored when NODE_ENV is "production", when stack traces are always disabled.

false
json.limit String

Maximum request body size.

You can set other JSON propertis as well; see body-parser.json().

100kb
json.strict Boolean

Parse only objects and arrays.

You can set other JSON propertis as well; see body-parser.json().

false
rest.handleErrors Boolean If true (the default), then the REST adapter handles all errors by sending back a JSON-formatted error response. If false, then errors are passed to the top-level application error-handler. true
rest.handleUnknownPaths Boolean

If true (the default), then the REST adapter emits a 404 error for unknown paths. The REST error handler or the application error handler then handle this error; rest.handleErrors above.

If false, then the REST adapter delegates handling unknown paths to the top-level application by calling next().

true
rest.normalizeHttpPath Boolean

If true, in HTTP paths, converts:

  • Uppercase letters to lowercase.
  • Underscores (_) to dashes (-).
  • CamelCase to dash-delimited.

Does not affect placeholders (for example ":id").

For example, "MyClass" or "My_class" becomes "my-class".

false
rest.supportedTypes Array

List of content types that the API supports in HTTP responses.

The response type will match that specfied in the HTTP request "accepts" header, if it is in this list of supported types.

If this property is set, then rest.xml is ignored.

NOTE: 'application/vnd.api-json' is supported, but is not one of the default types.

'application/json'
'application/javascript'
'application/xml'
'text/javascript'
'text/xml'
'json'
'xml'

rest.xml Boolean

If true, then 'xml' is added to the supported content types. Then, the API will then respond with XML when the HTTP request "accepts" type contains 'xml'.

false
urlencoded.extended Boolean

Parse extended syntax with the qs module.

For more information, see bodyParser.urlencoded().

true
urlencoded.limit String

Maximum request body size.

For more information, see bodyParser.urlencoded().

100kb

Environment-specific settings

You can override values that are set in config.json in:

  • config.local.js or config.local.json
  • config._env_.js or config._env_.json, where env is the value of NODE_ENV (typically development or production); so, for example config.production.json.

For example:

config.production.js

module.exports = {
  host: process.env.CUSTOM_HOST,
  port: process.env.CUSTOM_PORT
};

For more information, see Environment-specific configuration.