New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Facebook SDK returned an error: Cross-site request forgery validation failed on localhost #572

Closed
faizytech opened this Issue Apr 13, 2016 · 4 comments

Comments

Projects
None yet
5 participants
@faizytech

faizytech commented Apr 13, 2016

Hi Guys i really need help.
i am using Xampp server locally on my windows based pc. i am OAuth dialog is working and returning successfully but received this error on callback page.
Facebook SDK returned an error: Cross-site request forgery validation failed. Required param "state" missing.

i have tried session_start already.
kindly guide me
Thanks

@sachintaware

This comment has been minimized.

Show comment
Hide comment
@sachintaware

sachintaware Apr 14, 2016

Sorry,missed that you have already tried this. I believe you need check your callback url's set in the app and make sure those are correct. Also where are you using session_start();
This is where I use it before the callback route.

session_start(); Route::get('fb/fb-callback',function(){ foreach ($_COOKIE as $k=>$v) { if(strpos($k, "FBRLH_")!==FALSE) { $_SESSION[$k]=$v; } } $fb = new Facebook\Facebook([ 'app_id' => env('FACEBOOK_APP_ID'), // Replace {app-id} with your app id 'app_secret' => env('FACEBOOK_APP_SECRET'), 'default_graph_version' => 'v2.5', ]);

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

This is a long standing issue and here's a quick fix.You need to enable sessions and it should work.
Refer to both the SO threads for reference. All the best

sachintaware commented Apr 14, 2016

Sorry,missed that you have already tried this. I believe you need check your callback url's set in the app and make sure those are correct. Also where are you using session_start();
This is where I use it before the callback route.

session_start(); Route::get('fb/fb-callback',function(){ foreach ($_COOKIE as $k=>$v) { if(strpos($k, "FBRLH_")!==FALSE) { $_SESSION[$k]=$v; } } $fb = new Facebook\Facebook([ 'app_id' => env('FACEBOOK_APP_ID'), // Replace {app-id} with your app id 'app_secret' => env('FACEBOOK_APP_SECRET'), 'default_graph_version' => 'v2.5', ]);

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

This is a long standing issue and here's a quick fix.You need to enable sessions and it should work.
Refer to both the SO threads for reference. All the best

@mantissefr

This comment has been minimized.

Show comment
Hide comment
@mantissefr

mantissefr Apr 19, 2016

Hello,

@nanangkoesharwanto

Thanks to the messages raised by mr. Taware, I think you should use the option :

"persistent_data_handler"=>"session"

See there for more information,

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

-----Message d'origine-----
De : "Sachin Taware" notifications@github.com
Envoyé : ‎14/‎04/‎2016 09:47
À : "facebook/facebook-php-sdk-v4" facebook-php-sdk-v4@noreply.github.com
Objet : Re: [facebook/facebook-php-sdk-v4] Facebook SDK returned an error:Cross-site request forgery validation failed on localhost (#572)

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match
http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th
This is a long standing issue and here's a quick fix.You need to enable sessions and it should work.
Refer to both the SO threads for reference. All the best

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

mantissefr commented Apr 19, 2016

Hello,

@nanangkoesharwanto

Thanks to the messages raised by mr. Taware, I think you should use the option :

"persistent_data_handler"=>"session"

See there for more information,

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

-----Message d'origine-----
De : "Sachin Taware" notifications@github.com
Envoyé : ‎14/‎04/‎2016 09:47
À : "facebook/facebook-php-sdk-v4" facebook-php-sdk-v4@noreply.github.com
Objet : Re: [facebook/facebook-php-sdk-v4] Facebook SDK returned an error:Cross-site request forgery validation failed on localhost (#572)

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match
http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th
This is a long standing issue and here's a quick fix.You need to enable sessions and it should work.
Refer to both the SO threads for reference. All the best

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub

@nanangkoesharwanto

This comment has been minimized.

Show comment
Hide comment
@nanangkoesharwanto

nanangkoesharwanto Apr 20, 2016

thank alot for your attention @mantissef,
i did that method before, and made my laravel (5.2) unstable.
sometimes it made lost connection, ajax didn't run, return to another route
didn't work, etc.
but, my last experiment, changing the script in the file, makes everything
run well.

again, thank you very much, and I will wait for the response.

On Tue, Apr 19, 2016 at 7:05 PM, mantissefr notifications@github.com
wrote:

Hello,

@nanangkoesharwanto

Thanks to the messages raised by mr. Taware, I think you should use the
option :

"persistent_data_handler"=>"session"

See there for more information,

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

-----Message d'origine-----
De : "Sachin Taware" notifications@github.com
Envoyé : ‎14/‎04/‎2016 09:47
À : "facebook/facebook-php-sdk-v4" <facebook-php-sdk-v4@noreply.github.com

Objet : Re: [facebook/facebook-php-sdk-v4] Facebook SDK returned an
error:Cross-site request forgery validation failed on localhost (#572)

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th
This is a long standing issue and here's a quick fix.You need to enable
sessions and it should work.
Refer to both the SO threads for reference. All the best

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#572 (comment)

nanangkoesharwanto commented Apr 20, 2016

thank alot for your attention @mantissef,
i did that method before, and made my laravel (5.2) unstable.
sometimes it made lost connection, ajax didn't run, return to another route
didn't work, etc.
but, my last experiment, changing the script in the file, makes everything
run well.

again, thank you very much, and I will wait for the response.

On Tue, Apr 19, 2016 at 7:05 PM, mantissefr notifications@github.com
wrote:

Hello,

@nanangkoesharwanto

Thanks to the messages raised by mr. Taware, I think you should use the
option :

"persistent_data_handler"=>"session"

See there for more information,

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th

-----Message d'origine-----
De : "Sachin Taware" notifications@github.com
Envoyé : ‎14/‎04/‎2016 09:47
À : "facebook/facebook-php-sdk-v4" <facebook-php-sdk-v4@noreply.github.com

Objet : Re: [facebook/facebook-php-sdk-v4] Facebook SDK returned an
error:Cross-site request forgery validation failed on localhost (#572)

http://stackoverflow.com/questions/31347341/the-state-param-from-the-url-and-session-do-not-match

http://stackoverflow.com/questions/32029116/facebook-sdk-returned-an-error-cross-site-request-forgery-validation-failed-th
This is a long standing issue and here's a quick fix.You need to enable
sessions and it should work.
Refer to both the SO threads for reference. All the best

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub


You are receiving this because you were mentioned.
Reply to this email directly or view it on GitHub
#572 (comment)

@SammyK SammyK added the duplicate label Apr 20, 2016

@SammyK

This comment has been minimized.

Show comment
Hide comment
@SammyK

SammyK Apr 20, 2016

Collaborator

See: #470 (comment) :)

Collaborator

SammyK commented Apr 20, 2016

See: #470 (comment) :)

@SammyK SammyK closed this Apr 20, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment