Allow cross-task ajax requests

git-svn-id: https://svn.roundcube.net/trunk@5375 208e9e7b-5314-0410-a742-e7e81cd9613c
author: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2011-10-30 11:34:31 +0000
committer: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2011-10-30 11:34:31 +0000
commit: 6b0dab16efeb4c003aa4e8c927738bd40945de1d (patch)
tree: 8577bd0722ba39a808f496613c4eaee1302eee82 /roundcubemail/index.php
parent: 6274167272f5399fffcc7bb21a81670aa99e67bb (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roundcubemail/index.php b/roundcubemail/index.php
index a1eb54587..dce3db36d 100644
--- a/roundcubemail/index.php
+++ b/roundcubemail/index.php
@@ -195,7 +195,7 @@ else {
   // check client X-header to verify request origin
   if ($OUTPUT->ajax_call) {
     if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
-      header('HTTP/1.1 404 Not Found');
+      header('HTTP/1.1 403 Forbidden');
       die("Invalid Request");
     }
   }
author	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2011-10-30 11:34:31 +0000
committer	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2011-10-30 11:34:31 +0000
commit	6b0dab16efeb4c003aa4e8c927738bd40945de1d (patch)
tree	8577bd0722ba39a808f496613c4eaee1302eee82 /roundcubemail/index.php
parent	6274167272f5399fffcc7bb21a81670aa99e67bb (diff)