Hi Michael,

Did you ask the user to log out and then back in? That's what Google suggests. Google also seems to suggest 'solutions' to disable csrf.

Kr,
Vincent

Sent from my smartphone



---- Michael Orlitzky schreef ----

What are we supposed to do when our users call in and say they're seeing
the CSRF failure page? The error message says to contact the server
administrator...

   For your protection, access to this resource is secured against CSRF.
   If you see this, you probably didn't log out before leaving the web
   application. Human interaction is now required to continue. Please
   contact your server-administrator.

Is there a way to turn the CSRF protection off? Or at least a way to
reset it when it goes stupid? I'm ready to human interaction.
_______________________________________________
Roundcube Users mailing list
users@lists.roundcube.net
http://lists.roundcube.net/mailman/listinfo/users