When logging in with activated twofactors-plugin, I regularly get CSRF-errors: The Inbox is shown without errors, but when clicking on a mail or for example changing to calendar I get CSRF-errors irregularly.
The url seems to be different when logging in using the plugin, because the session id (the string before "/?_task" in the url) is missing when roundcube switches to the inbox after login. Sometimes (after getting the CSRF-error and clicking on continue session) the url is updated and the session id added. After that happens, the error does not occur anymore. When logging in without the twofactors-plugin, roundcube switches to the inbox and the url does include the session id from the beginning.
Is there anything I can do to solve this problem? Thanks in advance for your help!
Alex
When logging in with activated twofactors-plugin, I regularly get CSRF-errors: The Inbox is shown without errors, but when clicking on a mail or for example changing to calendar I get CSRF-errors irregularly. The url seems to be different when logging in using the plugin, because the session id (the string before "/?_task" in the url) is missing when roundcube switches to the inbox after login. Sometimes (after getting the CSRF-error and clicking on continue session) the url is updated and the session id added. After that happens, the error does not occur anymore. When logging in without the twofactors-plugin, roundcube switches to the inbox and the url does include the session id from the beginning. Is there anything I can do to solve this problem? Thanks in advance for your help! Alex