X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Fetc%2FRT_Config.pm.in;h=da089c0ba55b068a0678f888a95eca785f87bbec;hb=162a27fe7ce0c2707026d0e74a60079918cdc899;hp=6b99b61a5cf62a4608d382c30180177f3d9208ef;hpb=01352af8e44b7eb70b2b587ca43ab7ca946f038d;p=freeside.git

diff --git a/rt/etc/RT_Config.pm.in b/rt/etc/RT_Config.pm.in
index 6b99b61a5..da089c0ba 100644
--- a/rt/etc/RT_Config.pm.in
+++ b/rt/etc/RT_Config.pm.in
@@ -293,6 +293,17 @@ can generate a naive first pass regexp by using
 
 Set($RTAddressRegexp , undef);
 
+=item C<$IgnoreCcRegexp>
+
+C<$IgnoreCcRegexp> is a regexp to exclude addresses from automatic addition 
+to the Cc list.  Use this for addresses that are I<not> received by RT but
+are sometimes added to Cc lists by mistake.  Unlike C<$RTAddressRegexp>, 
+these addresses can still receive email from RT otherwise.
+
+=cut
+
+Set($IgnoreCcRegexp, undef);
+
 =item C<$CanonicalizeEmailAddressMatch>, C<$CanonicalizeEmailAddressReplace>
 
 RT provides functionality which allows the system to rewrite
@@ -330,6 +341,18 @@ made of multiple email adresses.
 
 Set($ValidateUserEmailAddresses, undef);
 
+=item C<$NonCustomerEmailRegexp>
+
+Normally, when a ticket is linked to a customer, any requestors on that
+ticket that didn't previously have customer memberships are linked to 
+the customer also.  C<$NonCustomerEmailRegexp> is a regexp for email 
+addresses that should I<not> automatically be linked to a customer in 
+this way.
+
+=cut
+
+Set($NonCustomerEmailRegexp, undef);
+
 =item C<@MailPlugins>
 
 C<@MailPlugins> is a list of auth plugins for L<RT::Interface::Email>
@@ -1238,6 +1261,42 @@ via SSL encrypted HTTP connections.
 
 Set($WebSecureCookies, 0);
 
+=item C<$WebHttpOnlyCookies>
+
+Default RT's session cookie to not being directly accessible to
+javascript.  The content is still sent during regular and AJAX requests,
+and other cookies are unaffected, but the session-id is less
+programmatically accessible to javascript.  Turning this off should only
+be necessary in situations with odd client-side authentication
+requirements.
+
+=cut
+
+Set($WebHttpOnlyCookies, 1);
+
+=item C<$RestrictReferrer>
+
+If set to a false value, the HTTP C<Referer> (sic) header will not be
+checked to ensure that requests come from RT's own domain.  As RT allows
+for GET requests to alter state, disabling this opens RT up to
+cross-site request forgery (CSRF) attacks.
+
+=cut
+
+Set($RestrictReferrer, 1);
+
+=item C<$RestrictLoginReferrer>
+
+If set to a false value, RT will allow the user to log in from any link
+or request, merely by passing in C<user> and C<pass> parameters; setting
+it to a true value forces all logins to come from the login box, so the
+user is aware that they are being logged in.  The default is off, for
+backwards compatability.
+
+=cut
+
+Set($RestrictLoginReferrer, 0);
+
 =item C<$WebFlushDbCacheEveryRequest>
 
 By default, RT clears its database cache after every page view.
@@ -1400,13 +1459,13 @@ Set ($DefaultSearchResultFormat, qq{
    '<B><A HREF="__WebPath__/Ticket/Display.html?id=__id__">__Subject__</a></B>/TITLE:Subject',
    Customer,
    Status,
-   QueueName, 
+   QueueName,
    OwnerName, 
    Priority, 
    '__NEWLINE__',
-   '', 
-   '<small>__Requestors__</small>',
    '',
+   '<small>__Requestors__</small>',
+   '<small>__CustomerTags__</small>',
    '<small>__CreatedRelative__</small>',
    '<small>__ToldRelative__</small>',
    '<small>__LastUpdatedRelative__</small>',
@@ -1559,6 +1618,16 @@ Use this to set the default units for time entry to hours instead of minutes.
 
 Set($DefaultTimeUnitsToHours, 0);
 
+=item C<$SimpleSearchIncludeResolved>
+
+By default, the simple ticket search in the top bar excludes "resolved" tickets
+unless a status argument is specified.  Set this to a true value to include 
+them.
+
+=cut
+
+Set($SimpleSearchIncludeResolved, 0);
+
 =back
 
 =head1 L<Net::Server> (rt-server) Configuration
@@ -1712,6 +1781,23 @@ Should rejection notes be sent to the requestors?  The default is true.
 Set($ApprovalRejectionNotes, 1);
 
 
+=item C<@ReferrerWhitelist>
+
+This is a list of hostname:port combinations that RT will treat as being
+part of RT's domain. This is particularly useful if you access RT as
+multiple hostnames or have an external auth system that needs to
+redirect back to RT once authentication is complete.
+
+ Set(@ReferrerWhitelist, qw(www.example.com:443  www3.example.com:80));
+
+If the "RT has detected a possible cross-site request forgery" error is triggered
+by a host:port sent by your browser that you believe should be valid, you can copy
+the host:port from the error message into this list.
+
+=cut
+
+Set(@ReferrerWhitelist, qw());
+
 =back
 
 =head1 Miscellaneous Configuration
@@ -1810,7 +1896,8 @@ C<Set(@Plugins, (qw(Extension::QuickDelete RT::FM)));>
 
 =cut
 
-Set(@Plugins, (qw(RTx::Calendar))); #RTx::Checklist ));
+Set(@Plugins, (qw(RTx::Calendar
+                  RT::Extension::MobileUI))); #RTx::Checklist ));
 
 =back