[RCD] Roundcube session management

A.L.E.C alec at alec.pl
Thu May 22 10:23:25 CEST 2014


On 05/22/2014 10:16 AM, Thomas Bruederli wrote:
> We use this to check whether the user's browser supports cookies. If
> the login request doesn't come with a valid session cookie, we can
> display a proper warning about disabled cookies. One can argue that
> this isn't necessary but that's a reason for starting session.
> 
> But maybe we can move that check to the redirected page after login.

I think we can check cookie support in javascript on login page.

What about security token, can we have it without session?

-- 
Aleksander 'A.L.E.C' Machniak
LAN Management System Developer [http://lms.org.pl]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl


More information about the dev mailing list