text improvements

Author: christophdb

intro/changelog.md

@@ -22,7 +22,7 @@ Listed below are all the changes to the SeaTable API. Each date corresponds to a
 > 
 > You can get more information from this [blog article](https://seatable.com/api-gateway-version-5-3/).
 
-No further changes were made to the API documentation.
+No further changes were made to the API documentation with v5.3.
 
 ## Version 5.2 (25.02.2025)
 

intro/limits.md

@@ -24,13 +24,9 @@ Meaning that if you reach the rate limit for one base, you still could make requ
 >
 > Currently, the same limits apply to all SeaTable Cloud customers. In the future, SeaTable might adjust the rate limits to balance for demand and reliability. SeaTable may also introduce distinct rate limits for teams with different pricing plans.
 
-> ❗ Important Update: API Endpoint Changes
->
-> In version 5.2, the `/dtable-server` and `/dtable-db` endpoints will be deprecated and then removed in version 5.3. All functions will be transitioned to `/api-gateway` endpoints. Please update your custom integrations and scripts accordingly to ensure continued functionality. More information will be provided with the release notes of SeaTable version 5.2.
-
 ### Retrieve current rate limit usage
 
-The new `/api-gateway` endpoints return the current API rate limit usage through `x-ratelimit` headers. These headers provide the minute limit, the current usage, and the next reset time as a Unix timestamp in seconds. Below is an example of the returned headers:
+The `/api-gateway` endpoints return the current API rate limit usage through `x-ratelimit` headers. These headers provide the minute limit, the current usage, and the next reset time as a Unix timestamp in seconds. Below is an example of the returned headers:
 
 ```
 x-ratelimit-limit: 500

intro/requirement-self-hosted.md

@@ -37,184 +37,13 @@ After the first login you can start right away to start with your first API requ
 
 ## Try It! with SeaTable Server
 
-If you are running your own [SeaTable server](https://seatable.com/on-premises/), you will need to change your nginx configuration so that the **Try It!** function works with your server and that you can easily copy and paste the generated API requests without authorization errors. Please replace your existing nginx configuration at `/opt/seatable/seatable-data/seatable/conf/nginx.conf` with the following setup.
+If you are running your own [SeaTable server](https://seatable.com/on-premises/), the **Try It!** feature works seamlessly with your server, allowing you to easily copy and paste the generated API requests without encountering authorization errors.
 
-Of course you have to replace `{your.seatable.server}` with the public URL of your server and then reload the updated nginx configuration inside the SeaTable docker container with `nginx -s reload`. For more details about this command and the SeaTable docker container, check the [admin manual](https://admin.seatable.com).
+### Technical background: Enable CORS to allow requests from api.seatable.com
 
-```bash nginx configuration (4.0 and newer)
-log_format seatableformat '\$http_x_forwarded_for \$remote_addr [\$time_local] "\$request" \$status \$body_bytes_sent "\$http_referer" "\$http_user_agent" \$upstream_response_time';
+This section is for those interested in the technical details behind why api.seatable.com can send requests to your SeaTable server. To enable this functionality, CORS (Cross-Origin Resource Sharing) must be configured to allow requests from api.seatable.com.
 
-upstream dtable_servers {
-    server 127.0.0.1:5000;
-    keepalive 15;
-}
-
-server {
-    listen 80;
-    server_name {your.seatable.server};
-
-    # CORS seetings to allow API from readme.com
-    proxy_hide_header   'Access-Control-Allow-Origin';
-    add_header 'Access-Control-Allow-Origin' '*' always;
-    add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS' always;
-    add_header 'Access-Control-Allow-Headers' 'Content-Type, Accept, authorization, token, deviceType, x-seafile-otp' always;
-    if ($request_method = 'OPTIONS') {
-	    return 204;
-    }
-
-    location / {
-        proxy_pass         http://127.0.0.1:8000;
-        proxy_set_header   Host $host;
-        proxy_set_header   X-Real-IP $remote_addr;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header   X-Forwarded-Host $server_name;
-        proxy_read_timeout  1200s;
-        client_max_body_size 0;
-        access_log      /opt/nginx-logs/dtable-web.access.log seatableformat;
-        error_log       /opt/nginx-logs/dtable-web.error.log;
-    }
-    ...
-}
-```
-
-```bash nginx configuration (before 4.0)
-# rewrite "bearer token" to "Token token"
-map "$http_authorization" $authorization {
-    ~*^Bearer(\s*)(?<token>(.*))$ "Token $token";
-    default $http_authorization;
-}
-
-log_format seatableformat '\$http_x_forwarded_for \$remote_addr [\$time_local] "\$request" \$status \$body_bytes_sent "\$http_referer" "\$http_user_agent" \$upstream_response_time';
-
-upstream dtable_servers {
-    server 127.0.0.1:5000;
-    keepalive 15;
-}
-
-server {
-    listen 80;
-    server_name {your.seatable.server};
-
-    # rewrite to https
-    location / {
-        rewrite ^ https://$http_host$request_uri? permanent;
-    }
-    # for letsencrypt
-    location ^~ /.well-known/acme-challenge/ {
-        alias /var/www/challenges/;
-        try_files $uri =404;
-    }
-}
-
-server {
-    server_name {your.seatable.server};
-    listen 443 ssl;
-    ssl_certificate /opt/ssl/{your.seatable.server}.crt;
-    ssl_certificate_key /opt/ssl/{your.seatable.server}.key;
-
-    # SSL Hardening
-    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
-    ssl_prefer_server_ciphers on;
-    ssl_ecdh_curve secp384r1;
-
-    ssl_session_timeout  10m;
-    ssl_session_cache shared:SSL:10m;
-    ssl_session_tickets off;
-
-    # general proxy_settings
-    proxy_set_header X-Forwarded-For $remote_addr;
-
-    # CORS seetings to allow API from readme.com
-    proxy_hide_header   'Access-Control-Allow-Origin';
-    add_header 'Access-Control-Allow-Origin' '*' always;
-    add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS' always;
-    add_header 'Access-Control-Allow-Headers' 'Content-Type, Accept, authorization, token, deviceType, x-seafile-otp' always;
-    if ($request_method = 'OPTIONS') {
-	    return 204;
-    }
-
-    location / {
-        proxy_set_header Authorization $authorization;
-        proxy_pass         http://127.0.0.1:8000;
-        proxy_set_header   Host $host;
-        proxy_set_header   X-Real-IP $remote_addr;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header   X-Forwarded-Host $server_name;
-        proxy_read_timeout  1200s;
-        client_max_body_size 0;
-        access_log      /opt/nginx-logs/dtable-web.access.log seatableformat;
-        error_log       /opt/nginx-logs/dtable-web.error.log;
-    }
-
-    location /seafhttp {
-        proxy_set_header Authorization $authorization;
-        rewrite ^/seafhttp(.*)$ $1 break;
-        proxy_pass http://127.0.0.1:8082;
-        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_request_buffering off;
-        proxy_connect_timeout  36000s;
-        proxy_read_timeout     36000s;
-        proxy_send_timeout     36000s;
-        send_timeout           36000s;
-        client_max_body_size   0;
-        access_log             /opt/nginx-logs/seafhttp.access.log seatableformat;
-        error_log              /opt/nginx-logs/seafhttp.error.log;
-    }
-
-    location /media {
-        root /opt/seatable/seatable-server-latest/dtable-web;
-    }
-
-    location /socket.io {
-        proxy_pass http://dtable_servers;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection 'upgrade';
-        proxy_redirect   off;
-        proxy_buffers    8 32k;
-        proxy_buffer_size 64k;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header Host $http_host;
-        proxy_set_header X-NginX-Proxy true;
-        access_log      /opt/nginx-logs/socket-io.access.log seatableformat;
-        error_log       /opt/nginx-logs/socket-io.error.log;
-    }
-
-    location /dtable-server {
-        proxy_set_header Authorization $authorization;
-        rewrite ^/dtable-server/(.*)$ /$1 break;
-        proxy_pass         http://dtable_servers;
-        proxy_redirect     off;
-        proxy_set_header   Host              $host;
-        proxy_set_header   X-Real-IP         $remote_addr;
-        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
-        proxy_set_header   X-Forwarded-Host  $server_name;
-        proxy_set_header   X-Forwarded-Proto $scheme;
-        client_max_body_size 50m;
-        access_log         /opt/nginx-logs/dtable-server.access.log seatableformat;
-        error_log          /opt/nginx-logs/dtable-server.error.log;
-    }
-
-    location /dtable-db/ {
-        proxy_set_header Authorization $authorization;
-        proxy_pass         http://127.0.0.1:7777/;
-        proxy_redirect     off;
-        proxy_set_header   Host              $host;
-        proxy_set_header   X-Real-IP         $remote_addr;
-        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
-        proxy_set_header   X-Forwarded-Host  $server_name;
-        proxy_set_header   X-Forwarded-Proto $scheme;
-        access_log         /opt/nginx-logs/dtable-db.access.log seatableformat;
-        error_log          /opt/nginx-logs/dtable-db.error.log;
-    }
-}
-```
-
-### Enable CORS to allow requests from api.seatable.com
-
-CORS is the abbreviation for [Cross-origin resource sharing](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), which is a security mechanism to prevent request from another domain to your server. If you don't allow CORS request for api.seatable.com, the **Try It!** button will not work. After the click you will see a rotating circle on the button and error messages in your browser console.
+`CORS` is the abbreviation for [Cross-origin resource sharing](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing), which is a security mechanism to prevent request from another domain to your server. If you don't allow CORS request for api.seatable.com, the **Try It!** button will not work. After the click you will see a rotating circle on the button and error messages in your browser console.
 
 ![Try It! with CORS error](https://seatable.com/openapi/readme-com-cors-access-control.png)
 
@@ -235,31 +64,3 @@ if ($request_method = 'OPTIONS') {
 >
 > A common error with `add_header` is that these values are not inherited. I.e. in the `location ...` blocks no `add_header` may occur, because otherwise the previously set headers are not taken over.
 
-## Rewrite of the authorization header (only necessary for SeaTable <4.0)
-
-Before Version 4.0 SeaTable uses an authorization header that does not comply with the OpenAPI standard. This API reference generates API requests with an authorization header like `authorization: Bearer xxx` but SeaTable requires headers like `authorization: Token xxx`. The following part of the nginx configuration rewrites the header. With Version 4.0 SeaTable will also accept [Bearer Authentication](https://swagger.io/docs/specification/authentication/bearer-authentication/) and this part is not necessary any more.
-
-```
-map "$http_authorization" $authorization {
-    ~*^Bearer(\s*)(?<token>(.*))$ "Token $token";
-    default $http_authorization;
-}
-location / {
-    proxy_set_header Authorization $authorization;
-    ...
-}
-location /seafhttp {
-    proxy_set_header Authorization $authorization;
-    ...
-}
-location /dtable-server {
-    proxy_set_header Authorization $authorization;
-    ...
-}
-location /dtable-db/ {
-    proxy_set_header Authorization $authorization;
-    ...
-}
-```
-
-###