Am 22.04.2012 16:48, schrieb Michael Heydekamp: > Am 21.04.2012 14:54, schrieb A.L.E.C: > >> I created the ticket http://trac.roundcube.net/ticket/1488449 > > I wasn't able to understand the background of this thread entirely and the > context between a User-Agent header and aborted sessions
this is really simple to understand if sessions are protected from hijacking by store the inital user agent while they are created and a moron browser changes its own useragent randomly between requests the session is killed
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
