Expired sessions in an active browser window do not redirect to login page
|Reported by:||brandond||Owned by:|
If the user resumes an active but expired session, interval JS functions will trigger 'server error' messages, but the user will not be redirected to a login page unless they perform a full page refresh.
An easy way to replicate this is to log in to Roundcube on a laptop and then close it for 15 minutes (or whatever your session lifetime is set to). After re-opening the laptop, the first check_for_recent poll will have its session killed for being expired, but no message will be displayed to the user. Subsequent polls will display a red 'Server Error 404' message triggered by the request token mismatch.
Ideally the expiry would be detected and handled by refreshing the page to the login prompt with the 'sessionerror' message displayed.