X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=htetc%2Ffreeside-base2.conf;h=7ea26d3814fc41391b3c9444fb50ccdb204ac1f4;hp=1bbe90a59696ad58e5fe304b0c521e6832205d72;hb=cd1555c36924e21a9894b29071d76911ec277d9a;hpb=63973c641c4be00765fa27e55c57cc5b9aa4da19

diff --git a/htetc/freeside-base2.conf b/htetc/freeside-base2.conf
index 1bbe90a59..7ea26d381 100644
--- a/htetc/freeside-base2.conf
+++ b/htetc/freeside-base2.conf
@@ -6,12 +6,11 @@ PerlModule HTML::Mason
 PerlSetVar MasonArgsMethod CGI
 PerlModule HTML::Mason::ApacheHandler
 
-PerlChildInitHandler "sub { srand }"
-
 PerlRequire "%%%MASON_HANDLER%%%"
 
+PerlChildInitHandler FS::Mason::child_init
+
 #Locale::SubCountry
-#
 AddDefaultCharset UTF-8
 
 PerlModule FS::AuthCookieHandler
@@ -19,7 +18,10 @@ PerlModule FS::AuthCookieHandler
 #XXX need to also work properly for installs w/o /freeside/ in path
 PerlSetVar FreesideLoginScript /freeside/loginout/login.html
 
-#PerlSetVar FreesideEverSecure 1
+#disables HTTP, so HTTPS only
+#PerlSetVar FreesideSecure 1
+
+#prevents cookie theft via JS
 PerlSetVar FreesideHttpOnly 1
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%>
@@ -48,6 +50,11 @@ PerlSetVar FreesideHttpOnly 1
     <Files "freeside.css">
         Satisfy any
     </Files>
+
+    <Files ~ "(\.html)$">
+        Deny from all
+        SetHandler None
+    </Files>
 </Directory>
 
 <Directory %%%FREESIDE_DOCUMENT_ROOT%%%/rt/Helpers/>
@@ -59,3 +66,15 @@ PerlSetVar FreesideHttpOnly 1
     Satisfy any
 </Directory>
 
+<Directory %%%FREESIDE_DOCUMENT_ROOT%%%/rt/NoAuth/iCal/>
+    Satisfy any
+    SetHandler perl-script
+    PerlHandler HTML::Mason
+</Directory>
+
+<Directory %%%FREESIDE_DOCUMENT_ROOT%%%/REST/1.0/>
+    Satisfy any
+    SetHandler perl-script
+    PerlHandler HTML::Mason
+</Directory>
+