Problem with the integration of surveys in "App"

More
4 months 3 weeks ago #200673 by ch123
Hey.
I have problem with my Limesurvey installation (version 3.22.19).

I have a small "navigation app" (it's actually just a web interface) that helps participants navigate through various surveys. The surveys are integrated in the interface via iframe. Recently, however, problems have been occurring. The first page of the survey (welcome text) is displayed normally, but as soon as I click on "Next", an error message appears: "400: Bad Request - The CSRF token could not be verified. (see screenshot, but it is in German).

I don't really know what to do next. About a week ago everything was still working.
IFrame is allowed in the global settings. I haven't really changed anything else.
Also, these warnings in the second screenshot arrise - but unfortunately I don't know what to do with the corresponding files of the Limesurvey instance.

Does anyone have any idea what the problem could be?

Thank you! :)
Attachments:

Please Log in to join the conversation.

LimeSurvey Partners
More
4 months 3 weeks ago #200676 by tpartner
What happens if you access the surveys directly?

Cheers,
Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Official LimeSurvey Partner - partnersurveys.com

Please Log in to join the conversation.

More
4 months 3 weeks ago #200679 by ch123
Ah, sorry, I totally forgot that part. When opening directly, everything runs perfectly - the survey can be done without any problems. So it seems to be a problem with the integration / or my webserver / or anything. But this is beyond my knowledge ...
I'm sorry if I'm in the totally wrong place here and the problem is more to do with the app/interface! Just thought I would check all the possibilities.

Please Log in to join the conversation.

More
4 months 3 weeks ago #200684 by gabrieljenik
Are surveys on a different domain then the main app who holds the iframe?

This is possible because the csrf cookie is not getting saved on the browser and hence posts are rejected.

Making LS a subdomain of the main app will probably fix it.

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.

Checkout our Reporting Solutions and our plugin shop at www.encuesta.biz .

The following user(s) said Thank You: ch123

Please Log in to join the conversation.

More
4 months 3 weeks ago - 4 months 3 weeks ago #200694 by ch123
Thank you Gabriel for your reply!
Sounds like a great and simple idea. Unfortunately, it's not possible to load LS on the same domain - as the app is not using my own server ...
Is it possible to save the csrf cookie manually or anything?
But still thank you, great help :D
Last edit: 4 months 3 weeks ago by ch123.

Please Log in to join the conversation.

More
4 months 3 weeks ago #200699 by tpartner
Hmm...I have never run into that CSRF problem when inserting surveys in iframes.

Try this survey on my server (version 3.22.19) in an iframe - partnersurveys.com/limesurvey3x/index.php/914872?lang=en .

Cheers,
Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Official LimeSurvey Partner - partnersurveys.com
The following user(s) said Thank You: ch123

Please Log in to join the conversation.

More
4 months 3 weeks ago - 4 months 3 weeks ago #200737 by ch123
Hey tpartner! Thank you for the link. It is working with your survey ... that's good to know, it's possible. So it has to do with my LimeSurvey installation or what do you think? :)
Or my webserver? Like a "false" .htaccess file that has problem with the iframes? It's probably not the right forum for this question, but I'm a newbie.
Last edit: 4 months 3 weeks ago by ch123.

Please Log in to join the conversation.

More
4 months 3 weeks ago #200751 by gabrieljenik
Maybe you could do a subdomain through an A record on the DNS Zone?

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.

Checkout our Reporting Solutions and our plugin shop at www.encuesta.biz .

The following user(s) said Thank You: ch123

Please Log in to join the conversation.

More
4 months 3 weeks ago #200756 by tpartner
If it was working a week ago and you made no changes to LimeSurvey, try contacting you hosting provider support or server admin to see what changes were made.

Cheers,
Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Official LimeSurvey Partner - partnersurveys.com

Please Log in to join the conversation.

More
4 months 3 weeks ago #200781 by ch123
Thank you for the help!!
It seems to work with 3.19 ... so probably I updated my LimeSurvey and forgot to check the app integration.
I installed the older version on another webspace. Is it possible to see which changes where made between the two versions (3.19 - 3.22)? :) So maybe I can find the "error" (probably, it's not an error, but more an improved security policy) and change it in 3.22?

Please Log in to join the conversation.

More
4 months 3 weeks ago #200782 by tpartner
The release notes are here - github.com/LimeSurvey/LimeSurvey/blob/ma...cs/release_notes.txt

But my test survey that you said worked is on version 3.22.19 so I don't think that the version is the problem.

Cheers,
Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.
Official LimeSurvey Partner - partnersurveys.com
The following user(s) said Thank You: ch123

Please Log in to join the conversation.

More
4 months 3 weeks ago #200801 by ch123
You're right, that's strange ...
I transferred all my surveys to the older version 3.19.3 and it's working now. Still don't know what the problem is/was, but I'm satisfied as long as the participants can fill out the surveys now.
Thank you for all the help :)

Please Log in to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now