[RCU] Problem with CSRF

handcrafted cusine bookings at handcraftedcuisine.com.au
Tue Apr 9 11:39:19 CEST 2019


STOP SENDING THIS RUBBISH!!!!!!!!!!!!!!!!

---
_Thank you,_ 

_Kind regards,_ 

laky J 

_director/executive Chef_ 

WEBSITE: www.handcraftedcuisine.com.au 

MOBILE:    +61468681891 

EMAIL:      bookings at handcraftedcuisine.com.au 

On 2019-04-09 19:32, Andreas Meyer wrote:

> Reindl Harald <h.reindl at thelounge.net> schrieb am 09.04.19 um 11:16:20 Uhr:
> 
> What happend here that all of the sudden I don't have a working
> roundcube anymore? Where does this CSRF problem come from? I
> just upgraded to version 1.3.9 and the problem remains.
> 
> This just happens every once in a while, and nobody has a good
> answer. Our users certainly don't know what to do. They call us,
> we don't know what to do. I started disabling the CSRF protection
> entirely:
> 
> 1. Open program/lib/Roundcube/rcube.php 2. Search for "public
> function check_request" 3. Have it always return true.

I fear I don't know how to do that. I don't know much about PHP if
at all.   
just write "return true;" as first line after the function definition,
it's that easy 
public function check_request($mode = rcube_utils::INPUT_POST)
   {  return true; }

like so and comment out the rest of the function?
Must be wrong, get a blank page.

  Andreas

-- 
PGP-Fingerprint: D392 5D21 0299 63D7 5BAE 4562 1E56 B2EA 81A2 59F1

_______________________________________________
Roundcube Users mailing list
users at lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.roundcube.net/pipermail/users/attachments/20190409/98559165/attachment.html>


More information about the users mailing list