diff options
author | Ivan Kohler <ivan@freeside.biz> | 2023-07-18 16:28:58 -0700 |
---|---|---|
committer | Ivan Kohler <ivan@freeside.biz> | 2023-07-18 16:28:58 -0700 |
commit | 5736b748338a6737f6c24c063b724ebdb77fb79f (patch) | |
tree | 5ceaca7b1c63d3d899b3b6fe50a1f330c19620f3 | |
parent | 69fdc0a65143c0880990cbb66a068c0442ba7f70 (diff) |
default to a session cookie instead of setting an explicit timeout, weird timezone/clock skew effects on server can cause firefox and other browsers to reject the session cookie, leading to silent login failuresHEADmaster
-rw-r--r-- | FS/FS/Conf.pm | 4 | ||||
-rwxr-xr-x | fs_selfservice/FS-SelfService/cgi/selfservice.cgi | 2 |
2 files changed, 2 insertions, 4 deletions
diff --git a/FS/FS/Conf.pm b/FS/FS/Conf.pm index 383fb0e..57a8867 100644 --- a/FS/FS/Conf.pm +++ b/FS/FS/Conf.pm @@ -2452,8 +2452,8 @@ and customer address. Include units.', { 'key' => 'selfservice-timeout', - 'section' => 'self-service', - 'description' => 'Timeout for the self-service login cookie, in seconds. Defaults to 1 hour.', + 'section' => 'deprecated', + 'description' => 'Deprecated. Was the timeout for the self-service login cookie, in seconds. Defaulted to 1 hour.', 'type' => 'text', }, diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 6eab11d..b1fea7d 100755 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -1250,10 +1250,8 @@ sub do_template { $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info; # update the user's authentication - my $timeout = $access_info->{'timeout'} || '3600'; my $cookie = CGI::Cookie->new('-name' => 'session', '-value' => $session_id, - '-expires' => '+'.$timeout.'s', #'-secure' => 1, # would be a good idea... ); if ( $name eq 'logout' ) { |