> ...because IMP has a [server][token] setting that determines the > lifetime of tokens that protect against XSS attacks. Look at the IMP > setup page on the 'server' tab.
adding these into my imp/conf.php fixed the problem. $conf['server']['cache_folders'] = true; $conf['server']['token_lifetime'] = 1800; $conf['server']['cachejs'] = 'none'; $conf['server']['cachecss'] = 'none'; I have configured my horde install so that the admin stuff is accessible. it's a pain in the neck to display it all again, and given that horde seems to crap its pants when I so much as look at it askew, I find it best to leave well alone. If the token is a new feature, then it should have been mentioned in the upgrade notes. If it's not a new feature, then why did Imp work before without these settings enabled? I prefer to be able to control Imp (and horde) through the config files directly. Am I going to be forced to go into the GUI admin with each update just to see what new undocumented features have been added, or is it reasonable to expect a list of these features and config settings in the upgrade notes? -- Spiro Harvey Knossos Networks Ltd 021-295-1923 www.knossos.net.nz -- IMP mailing list - Join the hunt: http://horde.org/bounties/#imp Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail: [EMAIL PROTECTED]
