Roundcube 0.3.1 Session never Expired

[vimalkumar]

I installed Roundcube 0.3.1 and my Session never Expired. So, after i installed Roundcube 0.2 stable surprisingly this session is also not Expired. I'm not changed the session config on both 0.3.1 and 0.2:
$rcmail_configsession_lifetime? = 10;
$rcmail_configmin_keep_alive? = 60;
$rcmail_configkeep_alive? = 60;

I've tried the [PATCH] Add option to avoid un-necessary updates to the session table.

But no use at all,

Finally, I saw the session table in the Database which keep's updating the 'Changed' field (every 1 min). I think automatically fired requests are renewing the session.

[rosali]

Check recent / keep alive requests renew session ... right? That's not what users expect. They want to timeout the session if there is no 'human' activity.

[vimalkumar]

I installed Roundcube 0.3.1 and my Session never Expired. So, after i installed Roundcube 0.2 stable surprisingly this session is also not Expired. I'm not changed the session config on both 0.3.1 and 0.2: $rcmail_config[session_lifetime] = 10; $rcmail_config[min_keep_alive] = 60; $rcmail_config[keep_alive] = 60;

I've tried the [PATCH] Add option to avoid un-necessary updates to the session table.

But no use at all,

Finally, I saw the session table in the Database which keep's updating the 'Changed' field (every 1 min). I think automatically fired requests are renewing the session.

When the bug will be patched?

[thomasb]

This is designed behavior. As a user I don't want my session to time out on inactivity but rather having Roundcube open in a browser tab while I'm working on other stuff. As soon as I close my browser window/tab no more keep-alives will be sent and the session will time out. This is not a bug and will therefore not be patched.

[rosali]

OK, I'm going to make a plugin for that.

[vimalkumar]

I appreciate Mr. Rosali for making an effort for this!