[horde] Deletion or move generates "malicious request" error

Gabriele Schaarschmidt schaarschmidt at zdv.uni-tuebingen.de
Tue Aug 4 11:00:35 UTC 2009

Hi all,

some of our users have the following problem:
when they try to delete or move a message they get an error:

"We cannot verify that this request was really sent by you.
It could be a malicious request. If you intended to perform this
action, you can retry it now."

and mails will not be marked for deletion or moved.

This also happens sometimes when logging out immediatly after login.

We use horde-3.3.3, imp-h3-4.3.3 with memcache as custom session

SUSE Linux Enterprise Server 10 (x86_64)

$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['driver'] = 'memcache';

$conf['sessionhandler']['params']['track'] = false;
$conf['sessionhandler']['type'] = 'memcache';
$conf['sessionhandler']['memcache'] = true;

$conf['memcache']['hostspec'] = array('localhost');
$conf['memcache']['port'] = array('11211');
$conf['memcache']['weight'] = array();
$conf['memcache']['persistent'] = true;
$conf['memcache']['c_threshold'] = 0;
$conf['memcache']['compression'] = true;
$conf['memcache']['large_items'] = true;
$conf['memcache']['enabled'] = true;

tickets #7618 #7931 are about a similar problem but with sql-based
session handler.

Can anyone reproduce this?


More information about the horde mailing list