You are here

Director Tab

Subscribe to Syndicate

NGINX is the the web server software used by Theatre Manager and requires minimal configuration to work properly. The Director tab in Company Preferences is where you define most settings.

  • To install and setup TM Server in web services mode, click here.
  • For more information on the ports used by Theatre Manager, click here.

Parts of the Director Tab

External Web Server Ticket Sales URL

Web Server URL The domain for the ticketing site. Normally, this should look like

https://tickets.yourvenue.org

Web Server Port Enter the port number that the web server will be using for incoming connections.

Normally, this is blank - so that port 443 for incoming secure connections are used.

Template Page Management

Custom Template URL This should be the inside address of the TM Web Server and will typically look like:

http://192.168.x.x

Port # This is typically set to 8111

for the virtual server that Theatre Manager uses to retrieve web page templates. This is generally never changed unless there is a desire by your network administrator to use alternate internal ports.

Template Folder Contains Note: TM server always gets the latest templates from its internal resources so the standard pages are always kept up to date. There are two choices for this setting to indicate how you want to store the custom pages

All Default Pages and TMCustom folder in a sub directory Only The customized pages in the main directory
This is a legacy setting. It means that the web pages folder contains all the standard templates (which TM server now ignores) and a subdirectory called TMCustom that contains the custom pages. This setting indicates that any page in the web pages folder is a custom file. Thus, the directory only contains custom pages. If a page is not changed from the original templates, it should NOT be in this directory. This makes it easier to know only the pages that have been altered.
Last Cache Clear The date the cache on the Classic web listener was last cleared. The button to the right of this field can be used to clear the cache on all currently running listeners simultaneously.

Note: this only applies to classic listeners to reload new pages. The second gen listener detects page changes within a minute and starts using them automatically.

Support for xFrames and Content-Security-Policy

xFrame Option Your options are
  • OFF (don’t include headers at all, everyone can put your site in an iframe)
  • SAMEORIGIN (Only the exact same domain can use iframes)
  • DENY (No one can put your site in an iframe) -or-
  • Specify any number of URLS that you’d like to use (which includes same domain in addition to what you specify).
The implementation works by using the more modern Content-Security-Policy HTTP header, but it still includes the X-Frame-Options HTTP header both to pass your PCI test and to support legacy browsers. Unfortunately, the X-Frame-Options HTTP header does not support specifying multiple domain names, so in that case older browsers will only be able to see iframes if they are from the same domain even if you specify multiple domains in Theatre Manager.

We are passing both Content-Security-Policy and X-Content-Security-Policy and using Content Security Policy 1.0 — this gives support in most browsers so the fallback issues are limited to a very small number of browsers.

Allowable URL's When a list of allowable URL's is specified, enter the URL's that you want in this space, separated with a comma.
The technical meaning of the x-frame options are described in google searches.