Get back to me with your details.
BEST REGARDS, SILVER FINANCE FIRM.
From: Reindl Harald h.reindl@thelounge.net To: users@lists.roundcube.net Sent: Friday, December 28, 2012 11:37 AM Subject: Re: [RCU] locking in https - Re: invalid auth cookie
Am 28.12.2012 20:33, schrieb Benny Pedersen:
Reindl Harald skrev den 2012-12-28 20:22:
because cookies are DOMAIN based the domain is the same
and you are not using roundcube ?
if roundcube have this kind of security problems please dokument it as a ticket so it gets fixed in php code, for the apache setup i still keep what i say to not use redirecting
this has NOTHING to do with roundcube it is your lacking knowledge of HTTP basics
only idiots would configure a different docroot and hope that whatever used software is respsonsible to make sure that the browser only send abck cookies over https while skilled admins make sure this case in the docroot configuration independent of any script running on the host
Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users