summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIvan Kohler <ivan@freeside.biz>2023-07-18 16:29:01 -0700
committerIvan Kohler <ivan@freeside.biz>2023-07-18 16:29:01 -0700
commit379df33385e9519bd43abc0f976e3d170072ad7c (patch)
tree71b8a01ec7f3e1252e1bdec44070ab5d6a8be814
parentb07fc5121e081be276cd7ed8ea0a030b4c2b06e7 (diff)
default to a session cookie instead of setting an explicit timeout, weird timezone/clock skew effects on server can cause firefox and other browsers to reject the session cookie, leading to silent login failuresFREESIDE_4_BRANCH
-rw-r--r--FS/FS/Conf.pm4
-rwxr-xr-xfs_selfservice/FS-SelfService/cgi/selfservice.cgi2
2 files changed, 2 insertions, 4 deletions
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm
index 657f38d..98de8da 100644
--- a/FS/FS/Conf.pm
+++ b/FS/FS/Conf.pm
@@ -2476,8 +2476,8 @@ and customer address. Include units.',
{
'key' => 'selfservice-timeout',
- 'section' => 'self-service',
- 'description' => 'Timeout for the self-service login cookie, in seconds. Defaults to 1 hour.',
+ 'section' => 'deprecated',
+ 'description' => 'Deprecated. Was the timeout for the self-service login cookie, in seconds. Defaulted to 1 hour.',
'type' => 'text',
},
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
index 779ef33..5cf0fa0 100755
--- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
+++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi
@@ -1252,10 +1252,8 @@ sub do_template {
$fill_in->{$_} = $access_info->{$_} foreach keys %$access_info;
# update the user's authentication
- my $timeout = $access_info->{'timeout'} || '3600';
my $cookie = CGI::Cookie->new('-name' => 'session',
'-value' => $session_id,
- '-expires' => '+'.$timeout.'s',
#'-secure' => 1, # would be a good idea...
);
if ( $name eq 'logout' ) {