+// Allow Cross-Origin Resource Sharing (CORS) for service discovery
+// (host-meta, XRD, etc.) Useful for AJAXy client applications. Should
+// probably NOT be on for private / intranet sites but OK for public sites.
+// Default is off.
+// $config['discovery']['cors'] = true;
+
+// If your web server supports X-Sendfile (Apache with mod_xsendfile,
+// lighttpd, nginx), you can enable X-Sendfile support for better
+// performance. Presently, only attachment serving when the site is
+// in private mode will use X-Sendfile.
+// $config['site']['use_x_sendfile'] = false;
+// You may also need to enable X-Sendfile support for your web server and
+// allow it to access files outside of the web root. For Apache with
+// mod_xsendfile, you can add these to your .htaccess or server config:
+//
+// XSendFile on
+// XSendFileAllowAbove on
+//
+// See http://tn123.ath.cx/mod_xsendfile/ for mod_xsendfile.
+