[Tickets #6857] Re: Error loging out. Required secret is invalid - potentially malicious request.

bugs at horde.org bugs at horde.org
Sun Jun 22 15:03:22 UTC 2008


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/6857
------------------------------------------------------------------------------
  Ticket             | 6857
  Updated By         | support at pwv-shops.de
  Summary            | Error loging out. Required secret is invalid -
                     | potentially malicious request.
  Queue              | Horde Groupware Webmail Edition
  Version            | 1.1
  Type               | Bug
  State              | Feedback
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


support at pwv-shops.de (2008-06-22 11:03) wrote:

For my Horde Groupware Webmail config it's enough to login (auth by  
imap) and logout and do nothing between this two actions to provoke  
this token-error. I'm using MySQL for storage, sessions and tokens,  
too. I think the problem is, that only sessionhandler-table is set to  
InnoDB engine, and so there are row-lock problems. The token-table  
uses MyIsam, so I changed it to InnoDB (ALTER TABLE horde_tokens  
ENGINE=InnoDB;) and it seems to works. By the way I've applied this  
engine to all tables.





More information about the bugs mailing list