The preferred/safe way of running Odoo is with a standard user, with
only the right to create a database.
See b6b73551dbclosesodoo/documentation#6765
X-original-commit: df8114e591
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Signed-off-by: William André (wan) <wan@odoo.com>
Many customers struggle with their web server configuration, notably
regarding the `--proxy-mode` option and the way `X-Forwarded-*` HTTP
request headers are interpreted within Odoo.
The `--proxy-mode` section has been updated to cover the most common
misunderstandings and to give guidances on how to setup a web server.
Odoo always only takes the last entry of the `X-Forwarded-*` request
header because there are situations where it is not possible to
determine which last n-th entry to use. Employees might access their
odoo database via the internal network: connecting directly to nginx,
while customers might access the database via an additional proxy such
as cloudflare. The real IP of employees would be the last inside the
`X-Forwarded-For` chain, while the real IP of customers would be the
*second* last entry inside the chain. It would be incorrect to always
take the same nth last entry inside the chain. The cloudflare's own IP
address must be discarded from the chain. Web servers usually feature
a way to ignore trusted IP from the chain, a way so that the real IP
of the user is always the last entry inside the chain. Odoo relies on
such feature to be active and configured.
Prior discussions about `X-Forwarded-For`:
* odoo/odoo#104947
* odoo/odoo#118629
* odoo/odoo#139536
All `X-Forwarded-*` headers are ignored in case the `X-Forwarded-Host`
header is missing (even with `--proxy-mode`). System admin might be
tempted to not set this header and to set `Host` instead, this is
broken as this a user-agent would be able to spoof `X-Forwarded-Host`
and Odoo would use that instead of the correct `Host`.
Prior discussions about `X-Forwarded-Host`:
* odoo/odoo#63277
* odoo/odoo#70117closesodoo/documentation#6742
X-original-commit: 3d91c57b57
Signed-off-by: Julien Castiaux (juc) <juc@odoo.com>
The lambda function here is useless and makes newdooers think
they need to use it everytime.
`default=fields.Date.add(fields.Date.today(), months=3))`
should do the trick, no lambda involved.
closesodoo/documentation#6630
X-original-commit: 620508fb29
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Signed-off-by: Claire Bretton (clbr) <clbr@odoo.com>
The "../technical-training-sandbox" is added too early in the path since
its still empty, and results into an "invalid addons-path" error.
X-original-commit: 8707609b38
Part-of: odoo/documentation#6630
This addition explains how to create and connect an existing plausible.io account in Odoo.
task-3540753
closesodoo/documentation#6544
X-original-commit: cd11937f43
Signed-off-by: Jonathan Castillo (jcs) <jcs@odoo.com>
Without the :show-content: metadata markup, it is not possible to open the
page by navigating from the toctree.
closesodoo/documentation#6529
X-original-commit: 16e339a7a3
Signed-off-by: Xavier Platteau (xpl) <xpl@odoo.com>
The tour utils were red and moved in Odoo (odoo/odoo#107618).
closesodoo/documentation#6513
X-original-commit: 1746c57ff4
Signed-off-by: Antoine Vandevenne (anv) <anv@odoo.com>
Signed-off-by: Rémi Rahir (rar) <rar@odoo.com>
0c0cf8ebc9
added a new way to select accounts in the account_codes engine. This
commit adds some explanation in the doc on how to use this new syntax.
closesodoo/documentation#6505
X-original-commit: 1a32165180
Signed-off-by: Jonathan Castillo (jcs) <jcs@odoo.com>
This PR adds the documentation for a new Pos IoT Six module which will
soon replace the old Six module.
task-3555605
closesodoo/documentation#6438
X-original-commit: bc98b8c491
Signed-off-by: Yaroslav Soroko (yaso) <yaso@odoo.com>
Co-authored-by: Yaroslav Soroko (yaso) <yaso@odoo.com>
Co-authored-by: Loredana Perazzo <lrpz@odoo.com>
