[horde] We cannot verify that this request was really sent by you.

Jan Schneider jan at horde.org
Thu Oct 23 20:54:18 UTC 2008 

Then you have a wrong preference value set for the "forward_default"  
preference. But "forwardall" has never been a valid value, so I have  
no idea how you got that one.

Zitat von Paul Faure <faurep at agr.gc.ca>:

> If I open a message and click on forward, it uses this link:
>
> javascript:popup_imp('/horde/imp/compose.php',700,650,'actionID=forwardall&index=12269&identity=0&thismailbox=INBOX');
>
> And always throws that error you described.
>
> If instead I over over the word "Forward" and use any of the 3 links
> which appear, then I dont get that error:
>
> javascript:popup_imp('/horde/imp/compose.php',700,650,'actionID=forward_all&index=12269&identity=0&thismailbox=INBOX');
> javascript:popup_imp('/horde/imp/compose.php',700,650,'actionID=forward_body&index=12269&identity=0&thismailbox=INBOX');
> javascript:popup_imp('/horde/imp/compose.php',700,650,'actionID=forward_attachments&index=12269&identity=0&thismailbox=INBOX');
>
> The difference being the actionID=forwardall instead of
> actionID=forward_all.
>
> Webmail Edition 1.2
> Mail (imp) H3 (4.3)
>
>
>
>
> On Tue, 2008-10-14 at 16:20 -0400, Steve Devine wrote:
>> We have one user who is consistently getting this error.
>> "We cannot verify that this request was really sent by you. It could
>> be a malicious request."  He will get it 3 or 4 times a day most often
>> right after he has logged in but not always.
>>
>> I think this error comes from "function checkRequestToken" in  
>> imp/lib/IMP.php
>> Whats the purpose of this? I see it gets called from folders.php,  
>> mailbox.php
>> and message.php
>> It's description is "check if a token for form is valid" .. so is this
>> supposed to check for cross-site scripting or some other trickery?
>> Any suggestions on trouble shooting this?
>> We are running horde-webmail-1.1.3
>> Thanks
>>
>>
>>
>> Steve Devine
>> Email & Storage
>> Academic Technical Services
>> Michigan State University
>>
>> 313 Computer Center
>> East Lansing, MI 48824-1042
>> 1-517-432-7327
>>
>>
>> --
>> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
>> Frequently Asked Questions: http://horde.org/faq/
>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>



Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/

More information about the horde mailing list