Author Topic: No mails fetched and CSRF prohibits logout  (Read 3326 times)

Offline laotse

  • Newbie
  • *
  • Posts: 3
No mails fetched and CSRF prohibits logout
« on: September 08, 2019, 05:59:42 PM »
I just did a fresh install of roundcube 1.3.10 under Debian 10.1 using nginx, PHP 7.3.4. From the installer I could send a test email and imap login worked fine. I did a first login using my IMAP credentials and it worked fine. RC fetches all folders from my dovecot, but it doesn't fetch any mail. I checked using $config['imap_debug'] = true;, and I could verify that no mail is ever attempted to be fetched. Of course there are mails - I see them in Thunderbird, Nextcloud, Horde, ...

Trying to log out failed due to CSRF. Well, it requires human interaction ... I could not yet figure out which, and according to what I found on the web it seems stange that this error pops up at logout.

As it seems the issue is different from another recent post even if the view is probably similar. But I did not have any issues in the installer.

Thanks for your help,
 - lars.

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: No mails fetched and CSRF prohibits logout
« Reply #1 on: September 09, 2019, 09:22:54 AM »
What specifically is the error?

Offline laotse

  • Newbie
  • *
  • Posts: 3
Re: No mails fetched and CSRF prohibits logout
« Reply #2 on: September 09, 2019, 03:12:16 PM »
The error during logout is (German):

ANFORDERUNGSPRÜFUNG FEHLGESCHLAGEN

Zu Ihrer Sicherheit wird der Zugriff auf diese Ressource mit CSRF geschützt.
Wenn Sie dies sehen, haben Sie sich wahrscheinlich vor dem Verlassen der Webanwendung nicht abgemeldet.

Nun ist eine menschliche Interaktion erforderlich, um fortzusetzen.
Bitte kontaktieren Sie Ihren Server-Administrator.


which translates to about:

Verification of request failed

For your security the acces to this resource is secured by CSRF.
If you see this, you probably did not log out before leaving the application.

Now a human interaction is required to continue.
Please contact your server administrator.


As mentioned above, I receive this when clicking log-out!

Offline laotse

  • Newbie
  • *
  • Posts: 3
[SOLVED] No mails fetched and CSRF prohibits logout
« Reply #3 on: September 09, 2019, 03:37:40 PM »
Thanks to the similar issue https://www.roundcubeforum.net/index.php/topic,28514.0.html I checked the javascript console and it turned out that jQuery was missing. After installing the latest jQuery into /program/js I now see my mails and log out works fine.

Thanks for the inspirations,
 - lars.