The gitiles.config file supporting the site contains several configuration options.

Core configuration

Cross-Origin Resource Sharing (CORS)

Gitiles sets the Access-Control-Allow-Origin header to the HTTP origin of the client if the client's domain matches a regular expression defined in allowOriginRegex.

  allowOriginRegex = http://localhost

By default allowOriginRegex is unset, denying all cross-origin requests.


Disabling markdown

Markdown can be completely disabled by setting render to false.

  render = false

Markdown size

Markdown files are limited by default to 5 MiB of input text per file. This limit is configurable, but should not be raised beyond available memory.

  inputLimit = 5M

Image size

Referenced images are inlined as base64 encoded URIs. The image limit places an upper bound on the byte size of input.

  imageLimit = 256K


IFrame source URLs can be whitelisted by providing a list of allowed URLs. URLs ending with a / are treated as prefixes, allowing any source URL beginning with that prefix.

  allowiframe =

URLs not ending with a / are treated as exact matches, and only those source URLs will be allowed.

  allowiframe =
  allowiframe =

If the list has a single entry with the value true, all source URLs will be allowed.

  allowiframe = true

Google Analytics

Google Analytics can be enabled on every rendered markdown page by adding the Property ID to the configuration file:

  analyticsId = UA-XXXX-Y