Bug 209349

Summary: www/roundcube: access to this resource is secured against CSRF
Product: Ports & Packages Reporter: wxl
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed Overcome By Events    
Severity: Affects Many People CC: arved
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
www/roundcube 1.1.4 patch for CSRF error on logout none

Description wxl 2016-05-06 23:36:52 UTC 
Created attachment 170074 [details]
www/roundcube 1.1.4 patch for CSRF error on logout

Logouts in Roundcube 1.1.4 don't complete cleanly. Instead, the following error message appears:

> Request Check Failed
> For your protection, access to this resource is secured against CSRF.
> If you see this, you probably didn't log out before leaving the web
> application.
> Human interaction is now required to continue.
> Please contact your server-administrator.

This is related to a known bug now fixed in the 1.1.5 release:
https://github.com/roundcube/roundcubemail/issues/4956

In lieu of pulling down the new release, the attached patch will solve the problem.
Comment 1 Tilman Keskinoz freebsd_committer freebsd_triage 2016-05-11 16:28:47 UTC 
over to maintainer