Conflicts: index.php
@ -225,7 +225,7 @@ else {
// check client X-header to verify request origin
if ($OUTPUT->ajax_call) {
if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token() && !$RCMAIL->config->get('devel_mode')) {
if (rc_request_header('X-Roundcube-Request') != $RCMAIL->get_request_token()) {
header('HTTP/1.1 403 Forbidden');
die("Invalid Request");
}