DomainTail
Implements the domain/IP session qualifiers so that only the major domain
is used to qualify the session ID.
Synopsis
This is a Yes or No directive.
The default is Yes.
Scope
This directive is only available for use in the global
(interchange.cfg) configuration file,
and will affect all websites running under the Interchange installation.
It will not work in a website's local (catalog.cfg)
configuration file.
Description
Implements the domain/IP session qualifiers so that only the major domain
is used to qualify the session ID.
For instance,
if the remote hostname is "andromeda.office.cursor.biz" then only "cursor.biz" would be used when qualifying access to
the session.
This is a security compromise,
because any host in the same major domain then qualifies for the session,
but it allows non-cookie-accepting browsers to use multiple proxy servers
in the same domain.
Also see the CountrySubdomains global
configuration directive that can be used to define a list of ccTLDs
that have country-specific standardised subdomains that should be
taken into account.
For example,
if the remote hostname is "foo.bar.example.co.uk" then only "example.co.uk" would be used when qualifying
access to the session.
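The qualification described above can be modelled as follows. This is an added example, not Interchange's own code: the function names, the sample ccTLD table and the choice to leave bare IP addresses unchanged are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: ccTLD -> standardised second-level labels.
# This is NOT Interchange's CountrySubdomains syntax or its default list.
COUNTRY_SUBDOMAINS = {"uk": {"co", "org", "ac"}, "au": {"com", "net", "org"}}


def domain_tail(remote_host, country_subdomains=COUNTRY_SUBDOMAINS):
    """Return the part of remote_host that would qualify the session."""
    host = remote_host.strip().rstrip(".").lower()
    try:
        ipaddress.ip_address(host)
        # Assumption: without a reverse lookup there is no domain to cut,
        # so the address is compared whole.
        return host
    except ValueError:
        pass
    labels = host.split(".")
    keep = 2  # "major domain": registered name plus TLD
    if len(labels) >= 3 and labels[-2] in country_subdomains.get(labels[-1], ()):
        keep = 3  # e.g. example.co.uk rather than co.uk
    return ".".join(labels[-keep:])


def same_qualifier(session_host, request_host, enabled=True):
    """Compare the host stored with the session against the requesting host."""
    if not enabled:
        return session_host.lower() == request_host.lower()
    return domain_tail(session_host) == domain_tail(request_host)


if __name__ == "__main__":
    # Hostnames taken from the text above, plus constructed ones.
    for h in ("andromeda.office.cursor.biz", "foo.bar.example.co.uk", "192.0.2.10"):
        print(f"{h:32} -> {domain_tail(h)}")
    # Two proxies in one domain keep the session: the intended benefit.
    print(same_qualifier("proxy1.cursor.biz", "proxy2.cursor.biz"))
    # Any other host under cursor.biz qualifies too: the compromise.
    print(same_qualifier("andromeda.office.cursor.biz", "other.lab.cursor.biz"))
    # Without the ccTLD table, every host under co.uk shares one qualifier.
    print(domain_tail("foo.bar.example.co.uk", country_subdomains={}))
```

The last line of output shows why the ccTLD list matters: with an empty table the qualifier collapses to "co.uk", which unrelated organisations share.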
If you are encrypting credit cards with PGP or GnuPG,
or are using a payment service provider,
then you might want to consider the WideOpen directive,
which enables even more browser compatibility at the cost of some security.
Note
Interchange's HostnameLookups facility,
or your web server's equivalent,
will need to be active for this directive to have any effect.