diff options
| author | Ivan Kohler <ivan@freeside.biz> | 2023-07-18 16:28:58 -0700 |
|---|---|---|
| committer | Ivan Kohler <ivan@freeside.biz> | 2023-07-18 16:28:58 -0700 |
| commit | 5736b748338a6737f6c24c063b724ebdb77fb79f (patch) | |
| tree | 5ceaca7b1c63d3d899b3b6fe50a1f330c19620f3 /fs_selfservice/FS-SelfService/cgi | |
| parent | 69fdc0a65143c0880990cbb66a068c0442ba7f70 (diff) | |
default to a session cookie instead of setting an explicit timeout, weird timezone/clock skew effects on server can cause firefox and other browsers to reject the session cookie, leading to silent login failures
Diffstat (limited to 'fs_selfservice/FS-SelfService/cgi')
| -rwxr-xr-x | fs_selfservice/FS-SelfService/cgi/selfservice.cgi | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi index 6eab11dae..b1fea7da2 100755 --- a/fs_selfservice/FS-SelfService/cgi/selfservice.cgi +++ b/fs_selfservice/FS-SelfService/cgi/selfservice.cgi @@ -1250,10 +1250,8 @@ sub do_template { $fill_in->{$_} = $access_info->{$_} foreach keys %$access_info; # update the user's authentication - my $timeout = $access_info->{'timeout'} || '3600'; my $cookie = CGI::Cookie->new('-name' => 'session', '-value' => $session_id, - '-expires' => '+'.$timeout.'s', #'-secure' => 1, # would be a good idea... ); if ( $name eq 'logout' ) { |