- Posts: 5
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
Error 400 CSRF token
- tvalades
-
Topic Author
- Offline
- New Member
-
1 year 7 months ago #231692
by tvalades
Error 400 CSRF token was created by tvalades
Please help us help you and fill where relevant:
Your LimeSurvey version: 5.3.29
Own server or LimeSurvey hosting: Servidor propio
Survey theme/template: personalizado_bootswatch
==================
Hola, desde la semana pasada estamos teniendo problemas con una encuesta que mostramos mediante un iframe en otro dominio.
El error (adjunto imagen) aparece en navegador Safari y en ventanas de incógnito tanto en Chrome como en Safarihttps://ibb.co/cvWhc9nhttps://ibb.co/cvWhc9n. En navegadores Chrome se visualiza correctamente.
Activamos la opción 'Se permiten IFrames embebidos' y 'Forzar HTTPS' del apartado Seguridad de la configuración global y añadimos el siguiente código:
'session' => array (
'sessionName'=>'LS-VBXZZORFJZCAKGYI',
// Uncomment the following lines if you need table-based sessions.
// Note: Table-based sessions are currently not supported on MSSQL server.
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
'cookieParams' => array(
'secure' => true,
'httponly' => true,
'samesite' => 'None',
),
),
'request' => array(
'enableCsrfValidation'=>true,
'csrfCookie' => array(
'sameSite' => 'None',
'secure' => true,
),
El cual vimos en el manual
No sabemos qué más hacer.
Gracias por la ayuda
Your LimeSurvey version: 5.3.29
Own server or LimeSurvey hosting: Servidor propio
Survey theme/template: personalizado_bootswatch
==================
Hola, desde la semana pasada estamos teniendo problemas con una encuesta que mostramos mediante un iframe en otro dominio.
El error (adjunto imagen) aparece en navegador Safari y en ventanas de incógnito tanto en Chrome como en Safarihttps://ibb.co/cvWhc9nhttps://ibb.co/cvWhc9n. En navegadores Chrome se visualiza correctamente.
Activamos la opción 'Se permiten IFrames embebidos' y 'Forzar HTTPS' del apartado Seguridad de la configuración global y añadimos el siguiente código:
'session' => array (
'sessionName'=>'LS-VBXZZORFJZCAKGYI',
// Uncomment the following lines if you need table-based sessions.
// Note: Table-based sessions are currently not supported on MSSQL server.
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
'cookieParams' => array(
'secure' => true,
'httponly' => true,
'samesite' => 'None',
),
),
'request' => array(
'enableCsrfValidation'=>true,
'csrfCookie' => array(
'sameSite' => 'None',
'secure' => true,
),
El cual vimos en el manual
No sabemos qué más hacer.
Gracias por la ayuda
Attachments:
Please Log in to join the conversation.
- jelo
-
- Offline
- Platinum Member
-
- Joffm
-
- Away
- LimeSurvey Community Team
-
- tvalades
-
Topic Author
- Offline
- New Member
-
1 year 7 months ago #231705
by tvalades
Replied by tvalades on topic Error 400 CSRF token
I'm sorry, I thought I was in the Spanish forum 
Since last week we are having problems with a survey that we display through an iframe on another domain.
The error (attached image) appears in the Safari browser and in incognito windows in both Chrome and Safarihttps://ibb.co/cvWhc9nhttps://ibb.co/cvWhc9n. In Chrome browsers it is displayed correctly.
We activate the option 'Embedded IFrames are allowed' and 'Force HTTPS' in the Security section of the global configuration and add the following code:
'session' => array (
'sessionName'=>'LS-VBXZZORFJZCAKGYI',
// Uncomment the following lines if you need table-based sessions.
// Note: Table-based sessions are currently not supported on MSSQL server.
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
'cookieParams' => array(
'secure' => true,
'httponly' => true,
'samesite' => 'None',
),
),
'request' => array(
'enableCsrfValidation'=>true,
'csrfCookie' => array(
'sameSite' => 'None',
'secure' => true,
),
Which we saw in the manual
We don't know what else to do.
Thanks for the help
Since last week we are having problems with a survey that we display through an iframe on another domain.
The error (attached image) appears in the Safari browser and in incognito windows in both Chrome and Safarihttps://ibb.co/cvWhc9nhttps://ibb.co/cvWhc9n. In Chrome browsers it is displayed correctly.
We activate the option 'Embedded IFrames are allowed' and 'Force HTTPS' in the Security section of the global configuration and add the following code:
'session' => array (
'sessionName'=>'LS-VBXZZORFJZCAKGYI',
// Uncomment the following lines if you need table-based sessions.
// Note: Table-based sessions are currently not supported on MSSQL server.
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
'cookieParams' => array(
'secure' => true,
'httponly' => true,
'samesite' => 'None',
),
),
'request' => array(
'enableCsrfValidation'=>true,
'csrfCookie' => array(
'sameSite' => 'None',
'secure' => true,
),
Which we saw in the manual
We don't know what else to do.
Thanks for the help
Please Log in to join the conversation.
- DenisChenu
-
- Away
- LimeSurvey Community Team
-