Just my tuppence worth. Sessions expire when there is no activity between the client and the web server for a given session, for the given timeout. In traditional asp, the default was 20 minutes, in Tomcat (Java) it is 30. I'm not sure about PHP.
As someone suggested before, an autosave feature could help with this. If the timeout is 20 minutes, an auto-save (triggered by a javascript timer on the compose page) every 5 minutes, would prompt a client-server communication, and reset the session timeout back to 20 minutes.
I've not looked too closely, but including something like this on the compose page should fix this.
<script> // auto-save the draft every 5 minutes setInterval( "rcmail.command('savedraft','',null)", 5*60*60*1000 ); </script>
Including this on the compose page should fix the timeout when writing an email, but it would still apply everywhere else in RC.
Apologies if this has already been suggested, or is complete bolx
Pixel
On Thu, 7 Sep 2006 23:30:06 -0500, Brennan Stehling brennan@offwhite.net wrote:
That is exactly right. And beyond timing out during an email composition, in Firefox once it kicks you out to that page you cannot simply go back and copy the text you were writing. The timeout may be set to 20 minutes, but should work as a sliding window which is extended each time you take an action.
And you can monitor if someone is pressing the keys while in the composition window. Activity during composition should slide the window.
Brennan
On Thu, 7 Sep 2006 20:12:36 -0600, Eric Stadtherr estadtherr@gmail.com wrote:
Forgive me if I'm stating the obvious, but it seems like the debate is centering around the question of, "Is the timeout useful?" This seems like a completely different question from "Why is my session expiring even though I'm actively using RoundCube?" If the session management were working correctly, the sessions wouldn't be timing out during message composition and we wouldn't be discussing the first question at all.
Am I missing something?
On Sep 7, 2006, at 7:37 PM, Sergio A. Kessler wrote:
it seems gmail does the rigth thing.
but, by far, the most common scenario is a writed lost mail because of a session timeout, and this is happening to a lot of people (as you can see), just because someone want to help an *eventual* and *hipotetical* stupid user that maybe forgot to close the mail...
On 9/7/06, Mark Edwards mark@antsclimbtree.com wrote:
I don't see how this kind of attitude can possibly help Roundcube.
Squirrelmail has a timeout, as does Webmin, Cacti, and nearly every other web interface that has a login.
I am amazed that this is even an issue.
I agree that the timeout needs to not threaten the usability of the app, and that needs discussion, but saying "screw people if they don't log out" is ridiculous for an application that is supposed to offer a user-friendly interface for novices to use their email.
On Sep 7, 2006, at 5:24 PM, Sergio A. Kessler wrote:
and how do you stop people from doing stupids things ? and where do you draw the line ?
I mean, if I delete an important file or mail and clean the trash, how do you stop me ?
shit happens, anyway...
and doing something that affect to 99% of the people in a bad way, just because we want to "help" a stupid that forget to close the
in a *public* computer, is nonsense IMO...
btw, someone knows how does gmail or hotmail manage this ?
On 9/7/06, Mark Edwards mark@antsclimbtree.com wrote:
On Sep 7, 2006, at 4:26 PM, Martin Marques wrote:
> Closing the navegator SHOULD kill the session, AFAIK. > > So, the only reason I see is if you leave the web browser open.
Why is that not a good enough reason for a timeout safety feature? Someone can have it open but hidden and not realize it.
Just because someone does something stupid or wrong doesn't mean there shouldn't be a safety feature to help them.
-- Mark Edwards
-- Mark Edwards