Error 400 CSRF token

4 months 2 weeks ago #231775 by tvalades
Please help us help you and fill where relevant:
Your LimeSurvey version: 5.3.29
Own server or LimeSurvey hosting: own
Survey theme/template:
Since last week we are having problems with a survey that we display through an iframe on another domain.
The error (attached image) appears in the Safari browser and in incognito windows in both Chrome and Safari In Chrome browsers it is displayed correctly.

We activate the option 'Embedded IFrames are allowed' and 'Force HTTPS' in the Security section of the global configuration and add the following code:

'session' => array (
// Uncomment the following lines if you need table-based sessions.
// Note: Table-based sessions are currently not supported on MSSQL server.
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
'cookieParams' => array(
'secure' => true,
'httponly' => true,
'samesite' => 'None',

'request' => array(
'csrfCookie' => array(
'sameSite' => 'None',
'secure' => true,

Which we saw in the manual

We don't know what else to do.from the safari browser itself by disabling the "prevent cross-site tracking" option in the preferences > privacy section no longer causes this problem. But I need a solution in the code so that this does not happen because I cannot control who accesses safari and make everyone perform this option
 Thanks for the help

Please Log in to join the conversation.

4 months 2 weeks ago #231779 by tpartner
Replied by tpartner on topic Error 400 CSRF token
You have already asked this. Do not double post, it will not get answers any faster.

Tony Partner

Solutions, code and workarounds presented in these forums are given without any warranty, implied or otherwise.

Please Log in to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now