[freeside-commits] branch FREESIDE_4_BRANCH updated. da2a324142fb3627effcbe878ea866d3e56ab6cb
Ivan
ivan at 420.am
Sun Sep 25 11:12:11 PDT 2016
The branch, FREESIDE_4_BRANCH has been updated
via da2a324142fb3627effcbe878ea866d3e56ab6cb (commit)
from a2152e2a317c71ea265d077fa224df18cb01218f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit da2a324142fb3627effcbe878ea866d3e56ab6cb
Author: Ivan Kohler <ivan at freeside.biz>
Date: Sun Sep 25 11:12:10 2016 -0700
document these non-well-named Apache::AuthCookieHandler options
diff --git a/htetc/freeside-base2.4.conf b/htetc/freeside-base2.4.conf
index f0b44d7..ee716f3 100644
--- a/htetc/freeside-base2.4.conf
+++ b/htetc/freeside-base2.4.conf
@@ -20,8 +20,8 @@ PerlAddAuthzProvider user FS::AuthCookieHandler24->authz_handler
#XXX need to also work properly for installs w/o /freeside/ in path
PerlSetVar FreesideLoginScript /freeside/loginout/login.html
-#PerlSetVar FreesideEverSecure 1
-PerlSetVar FreesideHttpOnly 1
+#PerlSetVar FreesideSecure 1 #disables HTTP, so HTTPS only
+PerlSetVar FreesideHttpOnly 1 #limits cookie theft via JS
<Directory %%%FREESIDE_DOCUMENT_ROOT%%%>
diff --git a/htetc/freeside-base2.conf b/htetc/freeside-base2.conf
index 309279d..6a1d2fb 100644
--- a/htetc/freeside-base2.conf
+++ b/htetc/freeside-base2.conf
@@ -18,8 +18,8 @@ PerlModule FS::AuthCookieHandler
#XXX need to also work properly for installs w/o /freeside/ in path
PerlSetVar FreesideLoginScript /freeside/loginout/login.html
-#PerlSetVar FreesideEverSecure 1
-PerlSetVar FreesideHttpOnly 1
+#PerlSetVar FreesideSecure 1 #disables HTTP, so HTTPS only
+PerlSetVar FreesideHttpOnly 1 #limits cookie theft via JS
<Directory %%%FREESIDE_DOCUMENT_ROOT%%%>
-----------------------------------------------------------------------
Summary of changes:
htetc/freeside-base2.4.conf | 4 ++--
htetc/freeside-base2.conf | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
More information about the freeside-commits
mailing list