[imp] further issues

[Spiro Harvey, Knossos Networks Ltd]

> ...because IMP has a [server][token] setting that determines the 
> lifetime of tokens that protect against XSS attacks. Look at the IMP 
> setup page on the 'server' tab.

adding these into my imp/conf.php fixed the problem.

$conf['server']['cache_folders'] = true;
$conf['server']['token_lifetime'] = 1800;
$conf['server']['cachejs'] = 'none';
$conf['server']['cachecss'] = 'none';


I have configured my horde install so that the admin stuff is 
accessible. it's a pain in the neck to display it all again, and given 
that horde seems to crap its pants when I so much as look at it askew, I 
find it best to leave well alone.

If the token is a new feature, then it should have been mentioned in the 
upgrade notes. If it's not a new feature, then why did Imp work before 
without these settings enabled?

I prefer to be able to control Imp (and horde) through the config files 
directly. Am I going to be forced to go into the GUI admin with each 
update just to see what new undocumented features have been added, or is 
it reasonable to expect a list of these features and config settings in 
the upgrade notes?


-- 
Spiro Harvey                  Knossos Networks Ltd
021-295-1923                    www.knossos.net.nz