projects / freeside.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
document these non-well-named Apache::AuthCookieHandler options
[freeside.git] / htetc / freeside-base2.conf
diff --git a/htetc/freeside-base2.conf b/htetc/freeside-base2.conf
index e981ef2..6a1d2fb 100644 (file)
--- a/htetc/freeside-base2.conf
+++ b/htetc/freeside-base2.conf
@@ -6,12 +6,11 @@ PerlModule HTML::Mason
 PerlSetVar MasonArgsMethod CGI
 PerlModule HTML::Mason::ApacheHandler
 
-PerlChildInitHandler "sub { srand }"
-
 PerlRequire "%%%MASON_HANDLER%%%"
 
+PerlChildInitHandler FS::Mason::child_init
+
 #Locale::SubCountry
-#
 AddDefaultCharset UTF-8
 
 PerlModule FS::AuthCookieHandler
@@ -19,8 +18,8 @@ PerlModule FS::AuthCookieHandler
 #XXX need to also work properly for installs w/o /freeside/ in path
 PerlSetVar FreesideLoginScript /freeside/loginout/login.html
 
-#PerlSetVar FreesideEverSecure 1
-PerlSetVar FreesideHttpOnly 1
+#PerlSetVar FreesideSecure 1 #disables HTTP, so HTTPS only
+PerlSetVar FreesideHttpOnly 1 #limits cookie theft via JS
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%>
 
Freeside billing, trouble ticketing, network monitoring and provisioning