Brian Gold wrote:
> Is your server clock correct?
>
> Could you check, if you can reproduce problem with SELinux set to permissive mode?
>
> Could you check if '4. General settings -> 16. Only secure cookies if poss.
> -> false' solves it?
>
> Could you check your webserver logs and make sure that browsers don't try to fetch signout.php or index.php without users clicking
> on signout link or knowingly entering your webmail login page?
Server clock is correct and syncing via NTP to an onsite server (as almost all our servers do).
Already tried setting "Only secure cookies" to false and that had no effect
http://pastebin.com/CqTEsZn6 - unaffected chrome user
http://pastebin.com/ND3JXkX6 - affected chrome user
It does look like the affected user is being redirected to login.php at some point. The only steps that I took in the affected
chrome user were the following:
Load /webmail/src/login.php - enter username & password
Load Leftnav & inbox
Click the subject line of the first message in the inbox
Patch for login.php
http://pastebin.com/gVZNuKYdNot sure if formating is correct. It is used in environment which has some slight API differences. Let me know if you need offline copy or detailed explanation about side effects of this patch.
