[Tickets #7931] Left Logout button throws "malicious request"

bugs at horde.org bugs at horde.org
Mon Feb 2 09:51:33 UTC 2009


DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.

Ticket URL: http://bugs.horde.org/ticket/7931
------------------------------------------------------------------------------
  Ticket             | 7931
  Created By         | rdorfner at sysdesign-edv.de
  Summary            | Left Logout button throws "malicious request"
  Queue              | Horde Groupware Webmail Edition
  Version            | 1.2.2
  Type               | Bug
  State              | Unconfirmed
  Priority           | 1. Low
  Milestone          |
  Patch              |
  Owners             |
------------------------------------------------------------------------------


rdorfner at sysdesign-edv.de (2009-02-02 04:51) wrote:

When I log in into our horde Webmail AND log out, immediately, i got the

"We cannot verify that this request was really sent by you. It could  
be a malicious request. If you intended to perform this action, you  
can retry it now."

message.

This only happens with the "logout" button from the left frame menu.  
The "logout" button in the head bar always works.

Probably there is something wrong with the "horde_logout_token",  
within registration.

To watch the error, please follow these steps exactly:
1. ) Log in to your horde framework
2.) Push the "logout" Button in the left frame  (last one)
3. ) You get the message about "malicious request", mentioned above,
AND you are not logged out correctly (session still alive)

1. ) Log in to your horde framework
2.) Push a button like Webmail/Inbox
3.) Push the "logout" Button in the left frame  (last one)
4. ) Your are logged out correctly







More information about the bugs mailing list