Answered my own question. Sometimes you get lucky like that.
On 08/31/2016 03:23 PM, Kyle
Francis wrote:
On 08/31/2016 02:08 AM, A.L.E.C
wrote:
This is for ajax requests, but
we want to reload the page here. So, I wouldn't use it.
Good call. I'm trying the following:
// post the decrypted session key back to server
var form = $('<form action="'+location.href+'"
method="post"></form>').appendTo('body');
$(form).append('<input type="hidden" name="sessionKey"
value="'+dsk+'">');
Add here:
$(form).append('<input type="hidden" name="_token"
value="'+rcmail.env.request_token+'">');
$(form).submit();
This successfully reloads the page (I think), but I'm getting
a "Request Check Failed" response. I'm assuming this has to
do with the session token since it talks about preventing
CSRF. How I would need to pass the session token in my post
above to comply?
-Kyle
_______________________________________________
Roundcube Development discussion mailing list
dev@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/dev