[RCU] Problem with CSRF
michael at orlitzky.com
Tue Apr 9 02:23:20 CEST 2019
On 4/8/19 6:50 PM, Andreas Meyer wrote:
> What happend here that all of the sudden I don't have a working roundcube
> anymore? Where does this CSRF problem come from? I just upgraded to version
> 1.3.9 and the problem remains.
This just happens every once in a while, and nobody has a good answer.
Our users certainly don't know what to do. They call us, we don't know
what to do. I started disabling the CSRF protection entirely:
1. Open program/lib/Roundcube/rcube.php
2. Search for "public function check_request"
3. Have it always return true.
More information about the users