X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=htetc%2Ffreeside-base2.4.conf;h=dbf4013cdf4330355c42b388507f7705c8cee1ec;hb=2756019bdb10fe144debfc8d6436468a89954eb3;hp=c6b1fd745577bed6e5f77c445a00fa1d8609ea90;hpb=76f5eb6da76cf9444a5cfee13d6f5d7fd7e0315f;p=freeside.git

diff --git a/htetc/freeside-base2.4.conf b/htetc/freeside-base2.4.conf
index c6b1fd745..dbf4013cd 100644
--- a/htetc/freeside-base2.4.conf
+++ b/htetc/freeside-base2.4.conf
@@ -7,12 +7,11 @@ PerlModule HTML::Mason
 PerlSetVar MasonArgsMethod CGI
 PerlModule HTML::Mason::ApacheHandler
 
-PerlChildInitHandler "sub { srand }"
-
 PerlRequire "%%%MASON_HANDLER%%%"
 
+PerlChildInitHandler FS::Mason::child_init
+
 #Locale::SubCountry
-#
 AddDefaultCharset UTF-8
 
 PerlModule FS::AuthCookieHandler24
@@ -21,7 +20,10 @@ PerlAddAuthzProvider user FS::AuthCookieHandler24->authz_handler
 #XXX need to also work properly for installs w/o /freeside/ in path
 PerlSetVar FreesideLoginScript /freeside/loginout/login.html
 
-#PerlSetVar FreesideEverSecure 1
+#disables HTTP, so HTTPS only
+#PerlSetVar FreesideSecure 1
+
+#prevents cookie theft via JS
 PerlSetVar FreesideHttpOnly 1
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%>