Am 22.04.2012 20:46, schrieb Michael Heydekamp: > Am 22.04.2012 20:15, schrieb Reindl Harald: >> Am 22.04.2012 20:00, schrieb Michael Heydekamp: > > Thanks for all the in-depth explanations.
no problem, it's my job and sometimes i like to help others understand partly, sometimes not :-) > So if the User-Agent header issue should be related to the > HTML editor only i have not looked deeper nor got any complaint now that roundcube has any problem in our setup but since users often do not say a single word and way too late come up with "since 6 months problem xyz.." i was a little alarmed and liked to give some possible hints but only guessing this time > Also here I should note again that we have the compose_newwindow plugin > 3.00 installed and activated. No idea, if this might be part of the issue. if you have the option to disable this it would be a good idea yeah plugins generally can do any damage > But given the fact that the InPrivate mode of IE did not make the symptom > appear yet, we (or more the core devs) should turn their focus in this > direction. this might be only what you see but not the root cause maybe wahtever problem is only triggered in context of MSIE because i know not a single other browser changing it's useragent and until two days ago i was even not aware taht MSIE does this in some situations because doing tis in the client is braindead protecting sessions from hijacking by remember the user-agent at start and abort each request with the same session ID and a different user-agent is common sense and some implementations are also including the client IP but - using the client IP is braindead these days seeing imap users on mobile devices chaging their IP all day long and kill them the web-application because they switched the mobile-cell is not a good idea
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Roundcube Users mailing list [email protected] http://lists.roundcube.net/mailman/listinfo/users
