Answered my own question.  Sometimes you get lucky like that.

On 08/31/2016 03:23 PM, Kyle
        Francis wrote:

On 08/31/2016 02:08 AM, A.L.E.C
          wrote:

This is for ajax requests, but
            we want to reload the page here. So, I wouldn't use it. 

Good call.  I'm trying the following:

          // post the decrypted session key back to server

          var form = $('<form action="'+location.href+'"
          method="post"></form>').appendTo('body');

          $(form).append('<input type="hidden" name="sessionKey"
          value="'+dsk+'">');

Add here:

            $(form).append('<input type="hidden" name="_token"
        value="'+rcmail.env.request_token+'">');

 $(form).submit();

          This successfully reloads the page (I think), but I'm getting
          a "Request Check Failed" response.  I'm assuming this has to
          do with the session token since it talks about preventing
          CSRF. How I would need to pass the session token in my post
          above to comply?

          -Kyle

_______________________________________________
        Roundcube Development discussion mailing list
        dev@lists.roundcube.net
        http://lists.roundcube.net/mailman/listinfo/dev