Opened 3 years ago
Closed 3 years ago
#1486798 closed Bugs (fixed)
First mail in inbox is displayed wrong
| Reported by: | Mechanix | Owned by: | |
|---|---|---|---|
| Priority: | 1 - Highest | Milestone: | 0.4-stable |
| Component: | Security | Version: | 0.4-beta |
| Severity: | critical | Keywords: | |
| Cc: |
Description
Hi,
i use the latest 0.4 Beta version and have a couple of IMAPS accounts. What i´ve noticed is: the first mail in the inbox is wrong. When i click on the mail it displays a complete different content from another mail account! Only when i double click on the mail the right content is shown.
This is a very severe security issue here. I hope you can fix this bug as soon as possible.
Thank you.
Attachments (2)
Change History (13)
comment:1 Changed 3 years ago by alec
- Milestone changed from later to 0.4-stable
comment:2 Changed 3 years ago by Mechanix
Hi thank you for your reply.
This are the versions i use:
PHP Version 5.2.6
courier-imap-4.1.3-1
Yes i am behind a proxy at the moment. I´ll try to reproduce this at home later and provide the needed information. Thank you
Changed 3 years ago by Mechanix
comment:3 Changed 3 years ago by Mechanix
I´m sorry i use dovecot-1.0.10-0_66 as a imap server. Attached is the logfile. The message id 01716F6941B80F46975EE95C9675479201C2C14 is the one which is wrong. I see the content from a mail from another account. Has this something got to do with a sort of caching, maybe from js?
Kind regards,
Chris
comment:4 Changed 3 years ago by Mechanix
OK, this doesn´t occur only on the first message. I´ve just noticed this on a couple of messages in the inbox.
comment:5 Changed 3 years ago by alec
Please, check the log from the moment when you select the message. I don't see this in the log. Also it doesn't looks like 0.4. What http proxy are you using? Also please attach a log from the moment when you're clicking on the folder, something is strange in the log (probably not related to this issue).
Changed 3 years ago by Mechanix
comment:6 Changed 3 years ago by Mechanix
No, this is 0.4b. I´ve noticed that this issue doesn´t occur when not behind a proxy. We have here a caching proxy from Bluecoat. Attached is the logfile from the moment i´ve double clicked the message.
comment:7 follow-up: ↓ 8 Changed 3 years ago by alec
- Component changed from Core functionality to Security issue
So, there's a bug in send_nocaching_headers(). Wrong headers are sent when using https.
comment:8 in reply to: ↑ 7 Changed 3 years ago by Mechanix
Replying to alec:
So, there's a bug in send_nocaching_headers(). Wrong headers are sent when using https.
Is this a function in RC 04-beta?
comment:9 Changed 3 years ago by alec
Yes, but to fix this I'll need do some tests with Internet Explorer, so I'll try to fix this at home.
comment:10 Changed 3 years ago by Mechanix
Thank you so much for your quick reply.
comment:11 Changed 3 years ago by alec
- Resolution set to fixed
- Status changed from new to closed
Fixed in [37e467d5], but this should be tested more and verified with Internet Explorer. You'll need probably to clear proxy's cache.
We need more info. Try svn-trunk version. What PHP/IMAP? Enable imap_debug and attach logs/imap here. Are you using some proxies?